06-16-2008 11:03 AM - edited 03-10-2019 03:54 PM
I am attempting to authenticate wireless clients via WLC6 via ACS SE 4.2, and this forum has provided me more information than Cisco documentation.
In trying to obtain a 30-day free trial cert from RapidSSL.com, when I submit my CSR, Rapidfire tells me that my common name is not a FQDN. I am using "acs-se.domainname.loc". Is it the .LOC that is causing my problems? Is there a way around that? I have tried downloading a cert from my Windows primary DC, and had issues with my CRL and CTL. Basically, I could not get the ACS SE to trust my Windows cert. I am finding PEAP and EAP-FAST to be more difficult than they really should be.
Thanks
Charlie
06-17-2008 05:14 AM
Charlie,
The Certificate Signing Request screen within ACS does not have fields required by public Certificate Authorities, but you can still obtain a proper CSR by using the following subject format:
CN=server.domain.com,c=US,S=State,L=City,o=Company,ou=Department
Let me know if you have any questions.
Regards,
~JG
Do rate helpful posts
06-17-2008 12:59 PM
JG,
Thanks for your response. RapidSSL would not allow a private FQDN that ends in .LOC such as mine.
I ended up following this procedure that covers 95% of what you need for a private cert from my MS DCs.
My wireless supplicants can now successfully authenticate using PEAP without monkeying around with certs on the client side.
Thanks
Charlie