Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

802.1X with PEAP

Hello, If I want to use 802.1X with PEAP,is it enough with the self-signed certificate that cames the ACS(for example for https)? Or I need other certificate in the ACS?

Thanks in advance



802.1X with PEAP

Hi there,

The ACS 4.x and 5.x has the option to generate the self-signed certificate which can be used for PEAP connections. If you want to use the feature called "Validate server certificate" in the client side, you only need to export the self-signed certificate and install it in the client side (PC).

If what you have is an ACS 5.x you have the option to generate the self-signed for management or EAP, in this case you need to select EAP.

If what you have is an ACS 4.x then you can skip the previous step, the same certificate should work.

Let me know if it helps.

New Member

802.1X with PEAP

Hello ,thanks for the reply.

If I dont use the "Validate server certificate" in the client, it´s not very secure right?

Another question, so I can just generate another self-signed certificate in the ACS and use PEAP without problems? I don´t need to deploy a CA(for example with windows server) right?

Thanks very much.


802.1X with PEAP


That's correct, for PEAP you don't need an external CA. The ACS server is capable to generate certificates for your PEAP wired or wireless connections.

Well it's more secure to use the "Validate server certificate" option, however even though if you are not implementing this feature, the users still will need to have a valid username/password to get authenticated.

Rate if it helps!

New Member

802.1X with PEAP

HThanks very much