Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

The certificate in the Trust List not found ACS 4.2

Hi guys

I have a problem, after installing the certificate in the ACS (and restart the ACS) the new certificate in the Trust List does not appear.

Any idea?

TIA

Cristian

10 REPLIES
Cisco Employee

The certificate in the Trust List not found ACS 4.2

Hi Cristian,

I'd like to know where exactly you installed the certificate under system configuration > ACS certificate setup.

Only certificate installed under System Configuration > ACS Certificate Setup > ACS Certification Authority Setup will appear in Certificate Trust List.

You may visit the below listed link for more detail.

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/configuration/guide/peap_tls.html#wp999606

~BR
Jatin Katyal

**Do rate helpful posts**

~BR Jatin Katyal **Do rate helpful posts**
Cisco Employee

The certificate in the Trust List not found ACS 4.2

Did you get a chance to check where exactly you installed the cert?

Let us know if you need any further assistance.

~BR
Jatin Katyal

**Do rate helpful posts**

~BR Jatin Katyal **Do rate helpful posts**
Community Member

The certificate in the Trust List not found ACS 4.2

Hi Jatin

Thanks for your answer, but I don´t know how to do this, because this is a ACS Appliance.

I'm looking for information to do this.

TIA

Cristian.

Cisco Employee

The certificate in the Trust List not found ACS 4.2

I don't think you need to perform any steps. My question was where exactly the certificate was installed.

Only certificate installed under System Configuration > ACS Certificate Setup > ACS Certification Authority Setup will appear in Certificate Trust List.

If you've installed the certificate under system configuration > ACS certificate setup > Install certificate then that would not come up in the certificate Trust list.

~BR
Jatin Katyal

**Do rate helpful posts**

~BR Jatin Katyal **Do rate helpful posts**
Community Member

The certificate in the Trust List not found ACS 4.2

Dear Jatin

I followed your recomendation and now failed because the CA certificate is not installed.

Pls see the pictures.

TIA

Cristian

Cisco Employee

The certificate in the Trust List not found ACS 4.2

I guess your original query got resolved and now you can see the root CA certificate in the trust list and now you're unable to initiate the peap as an EAP method and getting an error message:

Failed to initialize PEAP or EAP-TLS authentication protocol because CA certificate is  not installed. Well, this occurs for 2 reasons:

1.] The CA certificate is not installed properly. Did you restart the services under system configuration > services control?

2.] The intermediate or subordinate certificate was not installed and that is why you're unable to check Peap as an eap method.

~BR
Jatin Katyal

**Do rate helpful posts**

~BR Jatin Katyal **Do rate helpful posts**
Cisco Employee

The certificate in the Trust List not found ACS 4.2

You may refer this link:

http://www.cisco.com/en/US/products/sw/secursw/ps208/products_configuration_example09186a0080545a29.shtml#tshoot

~BR
Jatin Katyal

**Do rate helpful posts**

~BR Jatin Katyal **Do rate helpful posts**
Community Member

The certificate in the Trust List not found ACS 4.2

Dear Jatin

I have a question, How many new certificates must appear in the Trust List?

TIA

Cristian

Cisco Employee

The certificate in the Trust List not found ACS 4.2

It will show you all intermediate and root CA certificates. Even if you change your CA and install a different chain, it will show that as well unless you manually delete them.

~BR
Jatin Katyal

**Do rate helpful posts**

~BR Jatin Katyal **Do rate helpful posts**
Community Member

The certificate in the Trust List not found ACS 4.2

Dear Jatin

Thanks again.

In this PEAP or EAP-TLS authentication process, what is the flow of traffic between the ACS and the CA or AD?

I need to discard FW issues.

TIA

Cristian

346
Views
10
Helpful
10
Replies
CreatePlease to create content