Filter
Top Products
10-35
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Chapter 10 System Configuration: Authentication and Certificates
Cisco Secure ACS Certificate Setup
• Using Self-Signed Certificates, page 10-47
• Updating or Replacing a Cisco Secure ACS Certificate, page 10-50
Installing a Cisco Secure ACS Server Certificate
Perform this procedure to install (that is, enroll) a server certificate for your
Cisco Secure ACS. You can perform certificate enrollment to support EAP-TLS
and PEAP authentication, as well as to support HTTPS protocol for GUI access
to Cisco Secure ACS. There are three basic options for how you obtain your server
certificate; you may:
• Obtain a certificate from a CA
• Use an existing certificate from local machine storage
• Generate a self-signed certificate.
Before You Begin
You must have a server certificate for your Cisco Secure ACS before you can
install it. With Cisco Secure ACS, certificate files must be in Base64-encoded
X.509. If you do not already have a server certificate in storage, you can use the
procedure in Generating a Certificate Signing Request, page 10-45, or any other
means, to obtain a certificate for installation.
If you are installing a server certificate that replaces an existing server certificate,
the installation could affect the configuration of the CTL and CRL settings your
Cisco Secure ACS. After you have installed a replacement certificate, you should
determine whether you need to reconfigure any CTL or CRL settings.
If you want to use a server certificate from local machine storage, we recommend
that you read Extensible Authentication Protocol Transport Layer Security
Deployment Guide for Wireless LAN Networks, available on the Cisco Secure
ACS CD and at http://www.cisco.com/warp/public/cc/pd/sqsw/sq/tech/
index.shtml. This white paper provides information about how to add a certificate
to machine storage and how to configure a Microsoft certification authority server
for use with Cisco Secure ACS.
To install an existing certificate for use on Cisco Secure ACS, follow these steps:
Step 1 In the navigation bar, click System Configuration.
Step 2 Click ACS Certificate Setup.