Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

ACS 4.2 Cert Domain Name or IP

I was using a self sign certin my ACS 4.2 and then just advised sour students to unckeck "Validate Server Certificate", but some usere wanting to use there phone have a default setting to verify the cert before establishing a connection and so we have decided to install a valid 3rd party certificate to solve this issue and save the help desk folks numerous callls. In the ACS when you generate a cert request you can use the domain name of the ACS in the request. Would it be better to use the IP of the ACS in this process or should I use the Domain name? I want to make sure we provide the correct info when we request a cert.

Thanks

mike

1 ACCEPTED SOLUTION

Accepted Solutions

Re: ACS 4.2 Cert Domain Name or IP

Use the domain name of the ACS server. Buying in a cert is a far better idea than using self-signed. The cost (which is pretty low anyway) is more than offset by the reduction in support calls!

3 REPLIES
Silver

Re: ACS 4.2 Cert Domain Name or IP

You can use ACS to generate a self-signed digital certificate to use for the PEAP authentication protocol or HTTPS support of ACS administration. This capability supports TLS/SSL protocols and technologies without the requirement of interacting with a CA.

Refer the below URL to know about “ using self-signed certificate”:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/SCAuth.html#wp327462

Re: ACS 4.2 Cert Domain Name or IP

Use the domain name of the ACS server. Buying in a cert is a far better idea than using self-signed. The cost (which is pretty low anyway) is more than offset by the reduction in support calls!

Re: ACS 4.2 Cert Domain Name or IP

Thanks

129
Views
0
Helpful
3
Replies
CreatePlease to create content