Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Secure ACS 1113 Appliance Server and Verysign

Hi Netpro,

does anyone know about the Cisco Appliance server 1113 can generate the Certificate Signing Request ? how to make this working with Verisign server ?

your reply will be highly appreciated.

thanks a lot.

2 REPLIES

Re: Secure ACS 1113 Appliance Server and Verysign

Yes

Go to System Configuration > ACS Certificate Setup > Generate Certificate Signing Request

Specify Certificate Subject, it could be as short as "CN=acs.domain.com"

Specify Private Key File name, for example "file.pvk"

This file will be stored on ACS appliance in some location and contains the private/public key pair. You will have to specify this file name "file.pvk" on another page in ACS when you install issued certificate.

Specify "Private key password", for example "cisco". You'll have to specify this password when installing certificate.

Change key length from 2048 to 1024 bit if using for wireless authentication. PEAP requires 1024 bit and doesn't support 2048 bit keys.

Leave Digest as SHA1.

Click Submit. You'll see CSR in the window on the right. Provide that to your CA to get new certificate.

Once you have the certificate (.cer file) put it on some FTP server. On ACS go to System Configuration > ACS Certificate Setup > Install ACS Certificate. Choose "Read certificate" and click on Download certificate. Specify FTP information to download certificate. Specify "file.pvk" and "cisco" for private key file and password.

Regards,

Roman

New Member

Re: Secure ACS 1113 Appliance Server and Verysign

Hi rrodichev.

thanks for your information, i will try it and get back to you. :) thanks a lot.

have a nice day

231
Views
5
Helpful
2
Replies
CreatePlease to create content