06-21-2008 01:31 AM
I would like to use a SSL certificate from our internal PKI for ACE 4710 Device Manager, but couldn't find any information about this in the manuals. Has anybody done this before ?
06-26-2008 11:42 AM
The following SSL features are supported: SSL termination and initiation, SSL Version 3.0, Transport Layer Security (TLS) Version 1.0, back-end SSL, exportable Rivest, Shamir, and Adelman (RSA) cipher suites, session ID stickiness, SSL URL rewrite (HTTP header rewrite), session ID reuse, client authentication, strong RSA cipher suites, and Advanced Encryption Standard (AES) cipher suites.
⢠SSL accelerated protocols: HTTPS, Secure IMAP (IMAPS), Secure Lightweight Directory Access Protocol (LDAPS), Secure Network News Transfer Protocol (NNTPS), Secure POP Version 3 (POP3S), and Secure Telnet (STELNET)
⢠SSL accelerated ciphers: rsa-with-rc4-128-md5, rsa-with-rc4-128-sha, rsa-with-des-cbc-sha, rsa-with-3des-ede-cbc-sha, rsa-export-with-rc4-40-md5, rsa-export-with-des40-cbc-sha, rsa-export1024-with-rc4-56-md5, sa-export1024-with-des-cbc-sha, rsa-export1024-with-rc4-56-sha rsa-with-aes-128-cbc-sha, and rsa-with-aes-256-cbc-sha
⢠Public key exchange algorithm: RSA 512-bit, 768-bit, 1024-bit, 1536-bit, and 2048-bit
Digital certificates: All major digital certificates from certificate authorities, including the following: VeriSign, Entrust, Netscape iPlanet, Windows 2000 Certificate Server, Thawte, Equifax, and Genuity
http://www.cisco.com/en/US/prod/collateral/contnetw/ps5719/ps7027/Data_Sheet_Cisco_ACE_4710.html
06-26-2008 01:00 PM
I'm afraid you missed my point. I'm looking for a way to use a certificate from our internal PKI for the HTTPS encryption of the ACE 4710 Device Manager / the GUI which is using the following self signed certificate as factory default:
CN = Cisco Systems, Inc.
OU = Unknown
O = Cisco Systems, Inc.
L = San Jose
S = CA
C = US
As CN will never match the URL which is used to open the ACE 4710 Device Manager there is always a security notice when starting the GUI.
07-15-2008 10:49 AM
This is now being tracked as an enhancement request. We will post again when it is committed to a release.
01-26-2010 04:22 AM
Hi,
any news on this?
Is it already implemented? If not, when will it be implemented?
Thanks.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide