Cisco Systems 3.3 Server User Manual


 
Chapter 10 System Configuration: Authentication and Certificates
Cisco Secure ACS Certificate Setup
10-48
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Self-Signed Certificate Configuration Options
The Generate Self-Signed Certificate edit page contains the following mandatory
configuration fields:
Certificate subject—The subject for the certificate, prefixed with “cn=”. We
recommend using the Cisco Secure ACS name. For example, “cn=ACS11”.
The Certificate subject field here can contain a number of content entries as
comma-separated items; these include:
CN—common name (the mandatory entry)
OU—organizational unit name
O—organization name
S—state or province
E—email address
L—locality name
For example, the Certificate subject field might appear as follows:
cn=ACS 11, O=Acme Enterprises, E=admin@acme.com
Certificate file—The full path and filename for the certificate file that you
want to generate. For example, “c:\acs_server_cert\acs_server_cert.cer”.
When you submit this page, Cisco Secure ACS creates the certificate file
using the location and filename you specify.
Private key file—The full path and filename for the private key file you want
to generate. For example, “c:\acs_server_cert\acs_server_cert.pvk”. When
you submit this page, Cisco Secure ACS creates the private key file using the
location and filename you specify.
Private key password—A private key password for the certificate. Minimum
length for the private key password is 4 characters, and the maximum length
is 64 characters.
Retype private key password—The private key password typed again, to
ensure accuracy.
Key length—Select the key length from the choices listed. The choices
include 512 bits, 1024 bits, and 2048 bits.