SSL certificate for ACE 4710 Device Manager

Unanswered Question
Jun 21st, 2008

I would like to use a SSL certificate from our internal PKI for ACE 4710 Device Manager, but couldn't find any information about this in the manuals. Has anybody done this before ?

I have this problem too.
1 vote
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Loading.
smalkeric Thu, 06/26/2008 - 11:42

The following SSL features are supported: SSL termination and initiation, SSL Version 3.0, Transport Layer Security (TLS) Version 1.0, back-end SSL, exportable Rivest, Shamir, and Adelman (RSA) cipher suites, session ID stickiness, SSL URL rewrite (HTTP header rewrite), session ID reuse, client authentication, strong RSA cipher suites, and Advanced Encryption Standard (AES) cipher suites.

• SSL accelerated protocols: HTTPS, Secure IMAP (IMAPS), Secure Lightweight Directory Access Protocol (LDAPS), Secure Network News Transfer Protocol (NNTPS), Secure POP Version 3 (POP3S), and Secure Telnet (STELNET)

• SSL accelerated ciphers: rsa-with-rc4-128-md5, rsa-with-rc4-128-sha, rsa-with-des-cbc-sha, rsa-with-3des-ede-cbc-sha, rsa-export-with-rc4-40-md5, rsa-export-with-des40-cbc-sha, rsa-export1024-with-rc4-56-md5, sa-export1024-with-des-cbc-sha, rsa-export1024-with-rc4-56-sha rsa-with-aes-128-cbc-sha, and rsa-with-aes-256-cbc-sha

• Public key exchange algorithm: RSA 512-bit, 768-bit, 1024-bit, 1536-bit, and 2048-bit

Digital certificates: All major digital certificates from certificate authorities, including the following: VeriSign, Entrust, Netscape iPlanet, Windows 2000 Certificate Server, Thawte, Equifax, and Genuity

http://www.cisco.com/en/US/prod/collateral/contnetw/ps5719/ps7027/Data_Sheet_Cisco_ACE_4710.html

cscherb Thu, 06/26/2008 - 13:00

I'm afraid you missed my point. I'm looking for a way to use a certificate from our internal PKI for the HTTPS encryption of the ACE 4710 Device Manager / the GUI which is using the following self signed certificate as factory default:

CN = Cisco Systems, Inc.

OU = Unknown

O = Cisco Systems, Inc.

L = San Jose

S = CA

C = US

As CN will never match the URL which is used to open the ACE 4710 Device Manager there is always a security notice when starting the GUI.

dkirsch Tue, 07/15/2008 - 10:49

This is now being tracked as an enhancement request. We will post again when it is committed to a release.

dario.didio Tue, 01/26/2010 - 04:22

Hi,

any news on this?

Is it already implemented? If not, when will it be implemented?

Thanks.

Actions

This Discussion