Self-Signed and CSR Certificate Generation Based on Certificate Contents

You need to have an idea of the CN and SANS content in the Self-Signed and CSR certificates. The content is based on the parameters you specify during their creation. You need to configure the parameters precisely for the AnyConnect clients to connect to the intended VPN headends of your organization.

This section provides different use cases with examples to give you an idea of the content of Self-Signed and CSR certificates based on the parameters specified.

Usecase 1: Different CN and FQDN values

Example:

  • Common Name (CN): mywebsite.com

  • FQDN: mysan.com

Example: Different CN and FQDN values

Common Name

unstructuredName

SANS

Self-Signed

mywebsite.com

mysan.com

mysan.com

CSR

mywebsite.com

mysan.com

-

Usecase 2: FQDN field set to None

Example:

  • Common Name (CN): mywebsite.com

  • FQDN: None

Example: FQDN field set to None

Common Name

SANS

Self-Signed

Host Name

-

CSR

mywebsite.com

-

Usecase 3: No FQDN (Default FQDN)

Example:

  • Common Name (CN): mywebsite.com

Example: No FQDN (Default FQDN)

Common Name

unstructuredName

SANS

Self-Signed

mywebsite.com

Host Name

-

CSR

mywebsite.com

Host Name

Host Name

Usecase 4: IP Address is specified in FQDN

Example:

  • Common Name (CN): mywebsite.com

  • FQDN: 4.5.6.7

Example: IP Address is specified in FQDN

Common Name

unstructuredName

SANS

Self-Signed

mywebsite.com

4.5.6.7

-

CSR

mywebsite.com

4.5.6.7

4.5.6.7

Usecase 5: IP Address is Specified

Example:

  • IP Address: 4.5.6.7

  • Common Name (CN): mywebsite.com

  • FQDN: fqdn.com

Example: IP Address is specified

Common Name

unstructuredAddress

unstructuredName

SANS

Self-Signed

mywebsite.com

4.5.6.7

fqdn.com

-

CSR

mywebsite.com

4.5.6.7

fqdn.com

fqdn.com

Usecase 6: Serial Number Check box is Selected

Example:

  • Serial Number: 9AQXMWOKDT9

Example: IP Serial Number Check box is Selected

serialNumber

SANS

Self-Signed

9AQXMWOKDT9

-

CSR

9AQXMWOKDT9

fqdn.com

Usecase 7: Email Address is Specified

Example:

  • EA: abc@xyz.com

Example: Email Address is Specified

unstructredName

emailAddress

SANS

Self-Signed

Host Name

abc@xyz.com

Host Name

CSR

Host Name

abc@xyz.com

-