Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
517
Views
0
Helpful
3
Replies

ACS 4.2 Cert Domain Name or IP

Go to solution
michael.m.williams
Level 1
Level 1

‎12-02-2008 11:25 AM - edited ‎03-10-2019 04:13 PM

I was using a self sign certin my ACS 4.2 and then just advised sour students to unckeck "Validate Server Certificate", but some usere wanting to use there phone have a default setting to verify the cert before establishing a connection and so we have decided to install a valid 3rd party certificate to solve this issue and save the help desk folks numerous callls. In the ACS when you generate a cert request you can use the domain name of the ACS in the request. Would it be better to use the IP of the ACS in this process or should I use the Domain name? I want to make sure we provide the correct info when we request a cert.

Thanks

mike

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
andrew.brazier
Level 4
Level 4

‎12-11-2008 12:34 AM

Use the domain name of the ACS server. Buying in a cert is a far better idea than using self-signed. The cost (which is pretty low anyway) is more than offset by the reduction in support calls!

View solution in original post

0 Helpful
3 Replies 3

Go to solution
irisrios
Level 6
Level 6

‎12-08-2008 02:52 PM

You can use ACS to generate a self-signed digital certificate to use for the PEAP authentication protocol or HTTPS support of ACS administration. This capability supports TLS/SSL protocols and technologies without the requirement of interacting with a CA.

Refer the below URL to know about “ using self-signed certificate”:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/SCAuth.html#wp327462

0 Helpful

Go to solution
andrew.brazier
Level 4
Level 4

‎12-11-2008 12:34 AM

Use the domain name of the ACS server. Buying in a cert is a far better idea than using self-signed. The cost (which is pretty low anyway) is more than offset by the reduction in support calls!

0 Helpful

Go to solution
michael.m.williams
Level 1
Level 1
In response to andrew.brazier

‎12-11-2008 06:08 AM

Thanks

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents