Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACS 4.2 Appliance Server 1113 with VeriSign Cert

Hi NetPro,

i've loaded the VeriSign Cert but somehow i still hitting the major problem.

Scenario 1:

Company A recommend CN = test-radius-01@google.com

VeriSign recommend CN = test-radius-01.google.com

but, while in the UAT stage . Cert with "CN = test-radius-01.google.com" working on the Laptop . not in the production level.

anyone encountered this before ?

thanks a lot

Jack

4 REPLIES

Re: ACS 4.2 Appliance Server 1113 with VeriSign Cert

UAT = User Acceptance Testing?

Not sure what you mean by "working on the Laptop", but if the issue is certificate related, then it's a matter ot trust. Since you don't mention user certs, then I'm guessing you're talking about PEAP authentication. If PEAP auth works on a laptop, and doesn't work on some other machines, then the other machines don't trust the ACS certificate. The entire chain of the certificate must be trusted by the computer trying to connect. Therefore, it must trust the root (the main CA), the intermediate (if there is one), and the actual cert for the machine. If one of the production computers is running a flavor of Windows, do a Start-> Run -> certmgr.msc, and make sure the root CA is in the "Trusted" folders, make sure the issuing CA is in the "Intermediate" folder. That should do it.

If you want to really check if it's a cert issue, just disable the server certificate check on the wireless client (but I don't recommend leaving it that way).

Also - did you install the CA cert on the ACS server?

New Member

Re: ACS 4.2 Appliance Server 1113 with VeriSign Cert

Hi,

Thanks for your information, yes UAT stands for User Acceptance Test.

I've installed the CA cert on the ACS Server.

thanks a lot.

Re: ACS 4.2 Appliance Server 1113 with VeriSign Cert

Thanks for the points - did installing the CA cert on the ACS server solve the problem?

Re: ACS 4.2 Appliance Server 1113 with VeriSign Cert

Ack - double post

174
Views
2
Helpful
4
Replies