NAC 4.1.3

Answered Question
Jul 29th, 2010
User Badges:

Hello Friends,


I have setup a New NAC 4.1.3. when users login they get the popup of certificate to press the YES button, i have generated the certificate in manager and server as per the user guide,


where i m missing something???? i think something in the certificate. The Certificate that i generated will be valid till when??


Thanks,

Correct Answer by Tiago Antunes about 6 years 5 months ago

Yep, that is one way of doing it.

Make sure you import it under the trusted root certification authorities.


HTH,
Tiago


--

If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

Correct Answer by thomasandy32 about 6 years 5 months ago

Hello Tiago,


Which is the place that i have to manually install the cert file in client PC is it the right place below i m heading to.


Internet Explorer>Tools>Content>Certificate>Import


I have exported a certificate from CAS  trusted Certificate Authorities TAB.


Thanks.

Correct Answer by mansrini about 6 years 10 months ago

Hi Estela,


4.1.3 uses perfigo signed certs and it is a matter of importing the perfigo root certs to your PC's to get rid of that popup error. You may need to figure out ways such as window GPO's to automate this job. But given the fact that perfigo CA is a non standard CA, it is recommended to purchase a cert from 3rd party CA's such as verisign, godaddy etc and install them on the CAS. Most/ All PC' will have this CA cert installed by default and they wont see this popup error also.


Thanks,

Mani

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.9 (8 ratings)
Loading.
Correct Answer
mansrini Fri, 07/30/2010 - 14:23
User Badges:
  • Cisco Employee,

Hi Estela,


4.1.3 uses perfigo signed certs and it is a matter of importing the perfigo root certs to your PC's to get rid of that popup error. You may need to figure out ways such as window GPO's to automate this job. But given the fact that perfigo CA is a non standard CA, it is recommended to purchase a cert from 3rd party CA's such as verisign, godaddy etc and install them on the CAS. Most/ All PC' will have this CA cert installed by default and they wont see this popup error also.


Thanks,

Mani

thomasandy32 Sun, 12/05/2010 - 12:58
User Badges:

Hello Friends,


The cacerts.cer file which is located in Trusted Certificate Authorities that has to be distributed through GP, I just want to do for 1 user PC than i will do with the rest where i have to put these cacerts.cer manually in end user PC??????


Thanks,

Tiago Antunes Mon, 12/06/2010 - 23:24
User Badges:
  • Cisco Employee,

Hi,


You have to put the CA cert (or the CAS and CAM cert if using the SSC) under the trusted certification authorities of the client PC, so that the client trusts the perfigo certs.


HTH,
Tiago


--

If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

Correct Answer
thomasandy32 Tue, 12/07/2010 - 06:17
User Badges:

Hello Tiago,


Which is the place that i have to manually install the cert file in client PC is it the right place below i m heading to.


Internet Explorer>Tools>Content>Certificate>Import


I have exported a certificate from CAS  trusted Certificate Authorities TAB.


Thanks.

Correct Answer
Tiago Antunes Tue, 12/07/2010 - 06:46
User Badges:
  • Cisco Employee,

Yep, that is one way of doing it.

Make sure you import it under the trusted root certification authorities.


HTH,
Tiago


--

If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

thomasandy32 Tue, 12/07/2010 - 07:53
User Badges:

Thanks Tiago,


Many thanks for clearing doub'ts.


The Ratings are not reflecting by a (TICK) on thread.


Thanks

Actions

This Discussion