Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACS can not find its certificate from storage

Hello team:

I am finding problems when trying to install a certificate to my ACS 4.2 (on Windows 2003 Server Standard Edition SP1 - English version). The certificate was enrolled from a Windows Certificate Authority (running on Windows 2003 Enterprise Edition SP2 -english version).

The enrollment process was normal, and the certificate was installed on the local storage in the final step of the enrollment process ("The certificate you requested was issued to you": "Install this certificate" -> Your new certificate has been successfully installed).

But when I want ACS to acknowledge and install this certificate, an error message appears (System Configuration -> ACS Certificate Setup -> Install ACS Certificate -> Use certificate from storage):

"Certificate configuration error: Cannot find certificate with specified common name in the ACS storage"

Has anybody run into a problem like this?

Thank you very much in advance

Rogelio Alvez


Re: ACS can not find its certificate from storage

From the error message itself, are you sure you are using the same CN name as what you used in certificate request?

You can check the following

1. start->run>mmc and then add a certificate snap-in to check if certificate is installed correctly and put in a right storage.

2. Check the certificate to see what CN name it is and make sure you use the same when you configure ACS

New Member

Re: ACS can not find its certificate from storage

Hello Yelong:

1. ¿What would the right storage be for the certificate? I would have expected that the successful message I received when I installed it shoud have been enough proof that the cert was properly located in the right storage within the machine. I will ask the server administrator to start the mmc and let me know whether he is able to see the cert in any storage, and let you know as soon as possible.

2. Yes, the cert´s CN name is exactly the same I have been trying (without success) to use in ACS to make it recognize the new certificate recently installed.

Thank you very much for your help


Re: ACS can not find its certificate from storage

The certificate should be installed in the Personal->Certificate store when you clicked the "install certificate" on CA Web page.

In general, I installed the cert like the following steps.

1. Generate CSR in ACS instead of using CA webpage.

    System Configuration->ACS Certificate Setup->Generate Certificate Signing Request

2. Then you can send certificate request in text file to your CA admin or enroll it via CA webpage directly.

When you request the cert on CA webpage, use "submit a certificate request by using a base-64", then paste your request. Select the certificate template accordingly.

3. Then download certifice in "Base 64 encoded" format.

4. On ACS you can install it from the cert file which you download in step 3.

New Member

Re: ACS can not find its certificate from storage

Hi Yudong:

I will give it a shot and let you know what happened as soon as possible. Unfortunatelly I am not close to the customer site but plan to go back to that place in a couple of days.

Thank you very much for your help.


Cisco Employee

Re: ACS can not find its certificate from storage


Looking your  inputs to validate my understanding.

We can instal the ceritifcate in ACS using opton "Use certificate from storage" and providing the valid CN name. As an option we can also use "Select Certificate From Storage" and choose a ceritifcate from the drop down list. I just want to understand if we must select the "Select Certificate From Storage" option or is it just an option. Along the same lines how is the drop down list populated?


CreatePlease to create content