I have the same "problem" - even though it looks pretty simple it gives me a bit of a headache - I am running Cisco ASA (FPR-2120 running ASA OS 9.9(2)27 ) and using this purely for Cisco AnyConnect VPN service - with the AnyConnect client.

SSL Certificate CSR Creation - Cisco ASA 5500 VPN/Firewall CSR Creation for Cisco Adaptive Security Appliance 5500. If you already have your SSL Certificate and just need to install it, see SSL Certificate Installation for Cisco ASA 5500 VPN. How to generate a CSR in Cisco ASA 5500 SSL VPN/Firewall. From the Cisco Adaptive Security Device Manager (ASDM), select "Configuration" and then "Device Management." Cisco Security Advisory: Cisco Adaptive Security Appliance A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust memory resources on the affected device, leading to a denial of service (DoS) condition. The vulnerability is due to improper resource management Solved: Disabling clientless/browser based VPN. - Cisco ASA-SSLVPN(config-group-policy)# vpn-tunnel-protocol ssl-client But since you have anyconnect -essentials enabled under webvpn config you would have no access to clientless VPN. It would only let you to access Anyconnect client services. Solved: What license do I need for 25 SSL VPN P - Cisco

Cisco ASA Anyconnect Self Signed Certificate

This article focuses on Cisco® ASA VPN appliance, Citrix NetScaler SSL VPN appliance, and the Juniper Networks Secure Access/Pulse Secure Connect Secure SSL VPN appliance. We created configuration guides to address these three common appliances. Azure MFA Server can also integrate with most other systems that use RADIUS, LDAP, IIS, or claims

Cisco Guide to Harden Cisco ASA Firewall - Cisco

Cisco Security Advisory: Cisco Adaptive Security Appliance