I have a nac guest server 2.0.1 and i dont want the clients to get a warning message when they connect to the site so i obtained a cert file from the customer's internal CA.
The signed cert is in .pem format. The customer's security dudes were expecting me to have to enter a password when I applied the cert, however there is no option to do this when you upload the pem file via the GUI.
I got an error saying somethig like "the certificate does not match the private key", so I reboot the server and viola the ssl service is broken. I had to restore the original self signed cert from a backup to get SSL connections to the server working again.
So this is annoying me, how or where do I enter a password to get the CA signed certificate working?
When I rebooted the NGS that time and broke SSL I had the box set to accept SSL connections only so I couldnt even browse back into it.
However, there is a backup of the self signed cert on the box itself in a different directory, you can get at it via ssh. I logged in via ssh, found the backup cert, copied it over the cert I uploaded and rebooted. Then I could browse into it again.
Lesson learnt - make sure you have HTTP enabled before you reboot the box with a new SSL cert Save you a bit of grief.
I have the same issue. Can you please tell me where on the NAC Guest Servier appliance the current imported and original self signed certificate are stored please? Sace me lots of time with find and grep :-)
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...