Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

HTTPS RADIUS authentication warns about certificate

I am trying to protect IIS web server from attack with RADIUS on a PIX and when I try to use

aaa authenticate HTTPS xxx.xxx.xxx.xxx outside 0.0.0.0 0.0.0.0 I get a warning on the client browser about the certificate on the PIX. I do not have a certificate on the PIX, only on the IIS server. Is there a way to get a certificate on the PIX or other method of getting rid of the warning? I see only references to hosted CA servers, not the root servers that are trusted outside. Help.

2 REPLIES
Silver

Re: HTTPS RADIUS authentication warns about certificate

You can set up certificates on the pix using microsoft certificate server.

New Member

Re: HTTPS RADIUS authentication warns about certificate

True, but I do not want my users to have to accept an untrusted certificate. I want to use a trusted CA, one of the root trusted ones, not an internal CA.

I only see references to internal CAs to load on the PIX, not trusted ones like Verisign. I do not even mind having the RADIUS login happen over HTTP, as long as I can use THAT RADIUS authentication to open 443 to my Web server. I cannot have IIS open to the outside world on any port without RADIUS and in this case, I want ONLY 443 open to IIS and even that ONLY after RADIUS authenticates.

Thanks for the reply, still looking for answers.

264
Views
1
Helpful
2
Replies
CreatePlease login to create content