Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

7925G EAP-TLS problem

Hi,

I'm trying to use EAP-TLS with my 7925G IP Phone.

The RADIUS is an ACS 4.1 server and the CA is an Windows AD 2003 server.

Through the 7925G web page, i generate a Certificate Signing Request (CSR) that i sent to my Certificate Authority to sign. On this CSR i've changed the Common Name to Cisco-7925 (which matches the user name created in the ACS server), but the certificate generated by my CA contains 2 Common Names, one is "Users" and the second one is "Cisco-7925".

So as i try to authenticate my IP Phone with the "Cisco-7925" username, i get a deny because the ACS tries to search int its database for a "Users" username.

How can i remove the Common Name "Users" from the certificate ?

By the way, i followed the same procedure for 7921G IP Phone and it works, so i don't understand why i have this "Users" Common Name.

Thanks in advance for your help.

Kind regards,

El bachir.

1 REPLY
Cisco Employee

Re: 7925G EAP-TLS problem

Hi El bachir

Do you have CSR request you have created to anylze with OpenSSL to verify if there are already to two CN in the request?

Thanks

Roger

760
Views
0
Helpful
1
Replies