Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Issue with certifcate on Cisco ACS

We are wanting to authenticate our internal wireless users using our Cisco ACS running 5.3.  The ACS will poll our Active Directory environment for the username and password provided.  I created a CSR on the ACS and provided it to Entrust.  They provided me with a root, chain and server certificate.  I binded the server certificate to the CSR under System Administration>Local Server Certificates>Local Certificates.  I then added the chain and root certificates to the location Users and Identity Stores>Certificate Authorities.  When I try to connect on a client laptop it asks for a username and password but after entering that information I am presented with the below certificate warning.  This certificate is from Entrust and I see the root certificate in the root store on the laptop.  Any ideas what would cause this.  TAC does not seem to have any answers.  They say it is a client machine problem.

Untitled.jpg              

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Issue with certifcate on Cisco ACS

In case you'd like to verify the settings in your setup.

http://www.cisco.com/en/US/products/ps10315/products_configuration_example09186a0080bd1100.shtml

~BR
Jatin Katyal

**Do rate helpful posts**

~BR Jatin Katyal **Do rate helpful posts**
2 REPLIES
Cisco Employee

Issue with certifcate on Cisco ACS

From the problem description, it's clear that you're attempting to connect user on a wireless network via peap. From the ACS stand point, your configuration looks good. However, I'd like to know what all certificate have you installed on the client side. Do we have complete chain installed on the client that includes Root CA and intermediate (if any). Would you mind emailing me your complete certificate chain for my reference?

Also, let me know what OS and supplicant are we running on end client?

~BR
Jatin Katyal

**Do rate helpful posts**

~BR Jatin Katyal **Do rate helpful posts**
Cisco Employee

Issue with certifcate on Cisco ACS

In case you'd like to verify the settings in your setup.

http://www.cisco.com/en/US/products/ps10315/products_configuration_example09186a0080bd1100.shtml

~BR
Jatin Katyal

**Do rate helpful posts**

~BR Jatin Katyal **Do rate helpful posts**
506
Views
4
Helpful
2
Replies