ACS 4.2 enable https

situwayne
Level 1

I have 2 Cisco ACS appliances running ACS v4.2.0.124. They are configured for database sync. I would like to enable HTTPS for administrator sessions. I want to use a self-signed certificate. I've downloaded an eval v4.2 Windows version and tested the procedure successfully.

My question is: how is the appliance different than my test server? I am confused about the path where to save the "Certificate file" and "Private key file". On my Windows server I specified c:\cacs42\acs42.cer and c:\cacs42\acs42.pvk. Will this example work for my appliances?

1 Accepted Solution

Jatin Katyal
Cisco Employee

The certificate and private key files on a Cisco ACS appliance are generated and saved on the local HDD.

Certificate file—The certificate file that you want to generate. When you submit this page, ACS creates the certificate file by using the location and filename that you specify.

ACS for Windows—Type the full directory path and name of the file; for example, c:\acs_server_cert\acs_server_cert.cer.

ACS Solution engine—Type only the name of the file; for example, acs_server_cert.cer. You don't need to specify the location.

http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4-2-1/User_Guide/acs421ug/SCAuth.html#wp327500

Are you trying to back up this private file, or trying to pull this file out of the appliance? If yes, then the Generate Self-Signed Certificate edit page also contains mandatory configuration fields that you use to specify the FTP server to which the certificate file and the corresponding private key file are transferred:

FTP Server—The IP address or hostname of the FTP server where the certificate file and the corresponding private key file are to be transferred. If you specify a hostname, DNS must be enabled on your network and must be correctly configured on the serial console.

Login—A valid username that enables ACS to access the FTP server.

Tip: The Login box accepts domain-qualified usernames in the format DOMAIN\username, which may be required if you are using a Microsoft FTP server.

Password—The password for the username provided in the Login box.

Remote Directory—The directory to which you want to transfer the files. The directory must be specified relative to the FTP root directory.

Let me know if you've any further questions.

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin

2 Replies

Thank you Jatin.
