Cisco Support Community

ACS 5.3 EAP-TLS configuration issue

Dear all,

We are trying to configure EAP-TLS for 802.1x user authentication (still working with ACS 4.1) with Version: 5.3.0.40.5 ...

I reached the point where I received the following error:

"EAP-TLS failed SSL/TLS handshake because of an unknown CA in the client certificates chain"

So I have 2 questions:

- Is there a guideline somewhere, as I must have forgotten something?

- Is there a way to check the certificate chain or to have more logs somewhere in the ACS?

regards,

vincent.

1 REPLY

ACS 5.3 EAP-TLS configuration issue

You will have to import the root and intermediate certificates that are presented from the client's end over to ACS.

Here is the documentation on how to do this - http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.3/user/guide/users_id_stores.html#wp1158666

Make sure the Trust for Client with EAP-TLS is checked.

thanks,

Tarik Admani
*Please rate helpful posts*
