Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1089
Views
3
Helpful
4
Replies

SSL certificate for ACE 4710 Device Manager

cscherb
Level 1
Level 1

‎06-21-2008 01:31 AM

I would like to use a SSL certificate from our internal PKI for ACE 4710 Device Manager, but couldn't find any information about this in the manuals. Has anybody done this before ?

1 person had this problem
Labels:
0 Helpful
4 Replies 4

smalkeric
Level 6
Level 6

‎06-26-2008 11:42 AM

The following SSL features are supported: SSL termination and initiation, SSL Version 3.0, Transport Layer Security (TLS) Version 1.0, back-end SSL, exportable Rivest, Shamir, and Adelman (RSA) cipher suites, session ID stickiness, SSL URL rewrite (HTTP header rewrite), session ID reuse, client authentication, strong RSA cipher suites, and Advanced Encryption Standard (AES) cipher suites.

• SSL accelerated protocols: HTTPS, Secure IMAP (IMAPS), Secure Lightweight Directory Access Protocol (LDAPS), Secure Network News Transfer Protocol (NNTPS), Secure POP Version 3 (POP3S), and Secure Telnet (STELNET)

• SSL accelerated ciphers: rsa-with-rc4-128-md5, rsa-with-rc4-128-sha, rsa-with-des-cbc-sha, rsa-with-3des-ede-cbc-sha, rsa-export-with-rc4-40-md5, rsa-export-with-des40-cbc-sha, rsa-export1024-with-rc4-56-md5, sa-export1024-with-des-cbc-sha, rsa-export1024-with-rc4-56-sha rsa-with-aes-128-cbc-sha, and rsa-with-aes-256-cbc-sha

• Public key exchange algorithm: RSA 512-bit, 768-bit, 1024-bit, 1536-bit, and 2048-bit

Digital certificates: All major digital certificates from certificate authorities, including the following: VeriSign, Entrust, Netscape iPlanet, Windows 2000 Certificate Server, Thawte, Equifax, and Genuity

http://www.cisco.com/en/US/prod/collateral/contnetw/ps5719/ps7027/Data_Sheet_Cisco_ACE_4710.html

0 Helpful

cscherb
Level 1
Level 1
In response to smalkeric

‎06-26-2008 01:00 PM

I'm afraid you missed my point. I'm looking for a way to use a certificate from our internal PKI for the HTTPS encryption of the ACE 4710 Device Manager / the GUI which is using the following self signed certificate as factory default:

CN = Cisco Systems, Inc.

OU = Unknown

O = Cisco Systems, Inc.

L = San Jose

S = CA

C = US

As CN will never match the URL which is used to open the ACE 4710 Device Manager there is always a security notice when starting the GUI.

0 Helpful

dkirsch
Level 1
Level 1
In response to cscherb

‎07-15-2008 10:49 AM

This is now being tracked as an enhancement request. We will post again when it is committed to a release.

dario.didio
Level 4
Level 4
In response to dkirsch

‎01-26-2010 04:22 AM

Hi,

any news on this?

Is it already implemented? If not, when will it be implemented?

Thanks.

0 Helpful
Customers Also Viewed These Support Documents