07-22-2009 08:06 PM - edited 07-03-2021 05:51 PM
Hi Netpro,
does anyone know about the Cisco Appliance server 1113 can generate the Certificate Signing Request ? how to make this working with Verisign server ?
your reply will be highly appreciated.
thanks a lot.
07-22-2009 08:34 PM
Yes
Go to System Configuration > ACS Certificate Setup > Generate Certificate Signing Request
Specify Certificate Subject, it could be as short as "CN=acs.domain.com"
Specify Private Key File name, for example "file.pvk"
This file will be stored on ACS appliance in some location and contains the private/public key pair. You will have to specify this file name "file.pvk" on another page in ACS when you install issued certificate.
Specify "Private key password", for example "cisco". You'll have to specify this password when installing certificate.
Change key length from 2048 to 1024 bit if using for wireless authentication. PEAP requires 1024 bit and doesn't support 2048 bit keys.
Leave Digest as SHA1.
Click Submit. You'll see CSR in the window on the right. Provide that to your CA to get new certificate.
Once you have the certificate (.cer file) put it on some FTP server. On ACS go to System Configuration > ACS Certificate Setup > Install ACS Certificate. Choose "Read certificate" and click on Download certificate. Specify FTP information to download certificate. Specify "file.pvk" and "cisco" for private key file and password.
Regards,
Roman
07-22-2009 08:43 PM
Hi rrodichev.
thanks for your information, i will try it and get back to you. :) thanks a lot.
have a nice day
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: