Skip to main content

 

 

Cisco Defense Orchestrator

Self-Signed and CSR Certificate Generation Based on Certificate Contents

You need to have an idea of the CN and SANS content in the Self-Signed and CSR certificates. The content is based on the parameters you specify during their creation. You need to configure the parameters precisely for the AnyConnect clients to connect to the intended VPN headends of your organization. 

This section provides different use cases with examples to give you an idea of the content of Self-Signed and CSR certificates based on the parameters specified. 

Usecase 1: Different CN and FQDN values

Example:

  • Common Name (CN): mywebsite.com
  • FQDN: mysan.com
  Common Name unstructuredName SANS
Self-Signed mywebsite.com mysan.com mysan.com
CSR mywebsite.com mysan.com -
Usecase 2: FQDN field set to None

Example:

  • Common Name (CN): mywebsite.com
  • FQDN: None
  Common Name SANS
Self-Signed Host Name -
CSR mywebsite.com -
Usecase 3: No FQDN (Default FQDN)

Example:

  • Common Name (CN): mywebsite.com
  Common Name unstructuredName SANS
Self-Signed mywebsite.com Host Name -
CSR mywebsite.com Host Name Host Name
Usecase 4: IP Address is specified in FQDN

Example:

  • Common Name (CN): mywebsite.com
  • FQDN: 4.5.6.7
  Common Name unstructuredName SANS
Self-Signed mywebsite.com 4.5.6.7 -
CSR mywebsite.com 4.5.6.7 4.5.6.7
Usecase 5: IP Address is Specified

Example:

  • IP Address: 4.5.6.7
  • Common Name (CN): mywebsite.com
  • FQDN: fqdn.com
  Common Name unstructuredAddress unstructuredName SANS
Self-Signed mywebsite.com 4.5.6.7 fqdn.com -
CSR mywebsite.com 4.5.6.7 fqdn.com fqdn.com
Usecase 6: Serial Number Check box is Selected

Example:

  • Serial Number: 9AQXMWOKDT9
  serialNumber SANS
Self-Signed 9AQXMWOKDT9 -
CSR 9AQXMWOKDT9 fqdn.com
Usecase 7: Email Address is Specified 

Example:

  unstructredName emailAddress SANS
Self-Signed Host Name abc@xyz.com Host Name
CSR Host Name abc@xyz.com -
  • Was this article helpful?