ACS 4.2 Appliance Server 1113 with VeriSign Cert

Unanswered Question
Aug 19th, 2009

Hi NetPro,

i've loaded the VeriSign Cert but somehow i still hitting the major problem.

Scenario 1:

Company A recommend CN = [email protected]

VeriSign recommend CN = test-radius-01.google.com

but, while in the UAT stage . Cert with "CN = test-radius-01.google.com" working on the Laptop . not in the production level.

anyone encountered this before ?

thanks a lot

Jack

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 2 (1 ratings)
Loading.
Robert.N.Barrett_2 Thu, 08/20/2009 - 07:01

UAT = User Acceptance Testing?

Not sure what you mean by "working on the Laptop", but if the issue is certificate related, then it's a matter ot trust. Since you don't mention user certs, then I'm guessing you're talking about PEAP authentication. If PEAP auth works on a laptop, and doesn't work on some other machines, then the other machines don't trust the ACS certificate. The entire chain of the certificate must be trusted by the computer trying to connect. Therefore, it must trust the root (the main CA), the intermediate (if there is one), and the actual cert for the machine. If one of the production computers is running a flavor of Windows, do a Start-> Run -> certmgr.msc, and make sure the root CA is in the "Trusted" folders, make sure the issuing CA is in the "Intermediate" folder. That should do it.

If you want to really check if it's a cert issue, just disable the server certificate check on the wireless client (but I don't recommend leaving it that way).

Also - did you install the CA cert on the ACS server?

ney25 Fri, 08/21/2009 - 02:51

Hi,

Thanks for your information, yes UAT stands for User Acceptance Test.

I've installed the CA cert on the ACS Server.

thanks a lot.

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode