You can export and import the keypair and issued certificates associated with a trustpoint in PKCS12 or PEM format. This format is useful to manually duplicate a trustpoint configuration on a different ASA.
To export an identity certificate, perform the following steps:
- In the navigation menu, click Devices & Services.
- Select the ASA device and in the Management on the right, click Trustpoints.
- Click the identity certificate to export the certificate configuration. Alternatively, you can search for the certificate by entering its name in the search field.
- In the Actions pane on the right, click Export Certificate.
- Choose the certificate format by clicking the PKCS12 Format or the PEM Format.
- Enter the encryption passphrase used to encrypt the PKCS12 file for export.
- Confirm the encryption passphrase.
- Click Export to export the certificate configuration.
An information dialog box appears, informing you that the certificate configuration file has been successfully exported to the location that you specified.