Cisco ACS 4.2 and Windows 2008 R2 CA

Unanswered Question
May 1st, 2012

Has anyone been successfully in getting a cert off of a 2008 R2 CA and imported correct in to ACS 4.2?  I've had and have seen other have the problem with creating a web server certificate from R2 (1024 bit) and putting it in ACS 4.2 only to have HTTPS/SSL no longer work correctly.  I haven't even tested the intended purpose of the cert (EAP-TLS) yet, so who knows if that works.  I've also seen through searching where some one was able to take a 2003 CA web server template and put it into R2 and it work, but I know longer have 2003 available?  Any ideas?

Thanks,

Raun

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)
Tarik Admani Wed, 05/02/2012 - 00:29

I have seen issues where the template on the R2 boxes are using elliptical curve cryptography, basically if the template has a '#" charcter in it is what I think causes this process to be used. Try to use a template that doesnt have this in the front and then try to generate a cert against the template you created.

Here is a snip of the guide that I am forwarding you:

Determining Whether to Implement Cryptography Next Generation Algorithms

For Windows Server 2008–based version 3 certificate  templates, the option exists to configure advanced cryptographic  algorithms such as elliptic curve cryptography (ECC). Before configuring  these settings, ensure that the operating systems and applications  deployed in your environment can support these cryptographic algorithms.

http://technet.microsoft.com/en-us/library/cc731705%28v=ws.10%29.aspx

Screenshots in another article:

http://technet.microsoft.com/en-us/library/cc725621%28v=ws.10%29.aspx

Thanks,

Tarik Admani

Actions

Login or Register to take actions

This Discussion

Posted May 1, 2012 at 12:18 PM
Stats:
Replies:1 Avg. Rating:
Views:1171 Votes:0
Shares:0

Related Content

Discussions Leaderboard