so i generated my certificate signing request, took it to my CA, got a cert. From "ACS Certification Authority Setup" i installed it onto my ACS appliance, then from "Install ACS Certificate" installed it (it prepopulated the privkey and password so i assume it got that from the cert file). I then add the CA from the "Edit Certificate Trust List". All this goes off without a hitch.
However when i try to add the "Certificate Revocation List" I am unable to add both LDAP:\\\ and http://. I have confirmed that the http:// is working on the CA, and every indication is that the ldap is working too but i don't know of the tools to test that with.
When i go into "System Configuration"->"Global Authentication Setup"->"Allow EAP-TLS" i get the following error.
Failed to initialize PEAP or EAP-TLS authentication protocol because CA certificate is not installed. Install the CA certificate using "ACS Certification Authority Setup" page.
What exactly is not installed about the Certificate? it's on the ACS server, it's configured and the date range is correct.
I've been banging my head against this all day and could use some suggestions. :)
For EAP-TLS to work you have to use external CA setup such as Microsoft or Rapid SSL etc.,and Self generated certificates in ACS supports PEAP but not EAP-TLS.