ACS SE - Public Cert from RapidSSL

Unanswered Question
Jun 16th, 2008

I am attempting to authentication wireless clients via WLC6 via ACS SE 4.2 and this forum has provided me more information than Cisco Documentation.

In trying to obtains a 30day free trial cert from, When I submit my CSR, Rapidfire tells my that my common name is not a FQDN, I am using "acs-se.domainname.loc". Is it the .LOC that is causing my problems? Is there a way around that? I have tried downloading a cert my windows primary DC, had issues with my CRL and CTL. Basically I could not get the ACS SE to trust my Windows Cert. I am finding PEAP and EAP-FAST to be more difficult than it really should be.



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jagdeep Gambhir Tue, 06/17/2008 - 05:14


The Certificate Signing Request screen within ACS does not have fields required by public Certificate Authorities, but you can still obtain a proper CSR by using the following subject format:,c=US,S=State,L=City,o=Company,ou=Department

Let me know if you have any question.



Do rate helpful posts

charlie-hall Tue, 06/17/2008 - 12:59


Thanks for your response. RapidSSL would not allow a Private FQDN that ends in .LOC such as mine.

I ended up following this procedure that covers 95% of what you need for a Private Cert from my MS DCs.

My Wireless supplicants can now successfully authenticate using PEAP without monkeying around with CERTs on the client side.




This Discussion