ACS 4.2 HTTPs Transport

ybilteryst · ‎11-27-2009

Hello,

I have 3 ACS servers on Windows. I manage with my system admin the way to use certifacte use by the Activite Directory root authority. So, he created for me 3 certificates. I installed certificate on the ACS servers and all of them said certifcates are valid.

on 2 ACS, when I try to activate HTTPS, I have the following error "Can't initialize HTTPS transport: server or certification authority certificate is not installed."

I regenerate a self signed certifcate and the HTTPs is working. I reinstall the AD certificate, ACS says OK, certifacte is valid but HTTP is not OK.

For my understanding, if the certificate is valid, HTTPS can be activated, I'm right?

Thanks in advance for your help

kush.sri2001 · ‎11-30-2009

Hi,

When you install the ACS certificate issued from a third party or a Microsoft Server CA, you would have to install the CA certificate on the ACS as well.

To install the certificate of the CA on the ACS, go to System Configuration, ACS certificate setup. Here we need to select the "ACS Certification Authority Setup" and install the CA certificate file on the ACS. Now we need to restart the ACS services and go to System Configuration, ACS Certificate Setup. Now go to Edit Trust List and check the entry for the CA in the List.

For more information, you can refer to the Certificate install link at http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/configuration/guide/peap_tls.html#wp1000914

Regards