ACS SE Private Key Backup

Answered Question
Jan 25th, 2008
User Badges:

How do I backup the private key in ACS SE. I already have the public key certified by a comercial CA and don't want to waste money spent in buying the certificate. Reason I want to backup because I am getting following error on the console and the services have stopped.

"API called before initialised at H:\ismg_israel_acs\Acs\EndPoint\Core\endpoint.c

pp:394".

===============

Cisco Secure ACS: 4.1.4.13

Appliance Management Software: 4.1.4.13

Appliance Base Image: 4.1.1.4

CSA build 4.0.1.543.2: (Patch: 4_0_1_543)

==========

CSAdmin -- stopped

CSAuth -- stopped

CSDbSync -- stopped

CSLog -- stopping

CSMon -- starting

CSRadius -- starting

CSTacacs -- stopped

===================


Can I use the backup feature? Will it also backup the private key?

Correct Answer by Jagdeep Gambhir about 9 years 3 months ago

Manoj,

Unfortunately, there is no way to really export just the private key and certificate,

which can be reimported into the ACS. There has been a feature request regarding this

feature, in order to allow the export of private keys and certificates for backup purposes. The Bug ID is: CSCed14965.



http://www.cisco.com/cgi-bin/Support/Bugtool/onebug.pl?bugid=CSCed14965


However, what you can do is perform a backup of the database. This will save the registry

that includes the certificate and the private key. Then you can restore this backup file

on a new machine and choose to restore the System Configuration part. This will restore

the certificate and private key into the ACS Certificate page.


Hope that helps


Regards,

~JG


Do rate helpful posts


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Jagdeep Gambhir Fri, 01/25/2008 - 05:51
User Badges:
  • Red, 2250 points or more

Manoj,

Unfortunately, there is no way to really export just the private key and certificate,

which can be reimported into the ACS. There has been a feature request regarding this

feature, in order to allow the export of private keys and certificates for backup purposes. The Bug ID is: CSCed14965.



http://www.cisco.com/cgi-bin/Support/Bugtool/onebug.pl?bugid=CSCed14965


However, what you can do is perform a backup of the database. This will save the registry

that includes the certificate and the private key. Then you can restore this backup file

on a new machine and choose to restore the System Configuration part. This will restore

the certificate and private key into the ACS Certificate page.


Hope that helps


Regards,

~JG


Do rate helpful posts


Actions

This Discussion