Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Replacement of existing certificate

Hi,

Our wireless network uses a certificate that is generated by the ACS. This certificate is expiring with 3 months. We would like to implement a solution with a microsoft ca server but wwe have the following question.

Will the current certificate still be valid when we install the new certificate on the ACS server ?

Since we are not able to push the certificate to all clients at the same time we would like to avoid that the wireless network is unavailable for users with original certificate...

2 REPLIES
Silver

Re: Replacement of existing certificate

If you are installing a server certificate that replaces an existing server certificate, the installation could affect the configuration of the CTL and CRL settings your Cisco Secure ACS. After you have installed a replacement certificate, you should determine whether you need to reconfigure any CTL or CRL settings.

Hall of Fame Super Silver

Re: Replacement of existing certificate

If you are validating the server certificate in the clients, then what you will have to do is add the MS CA to the trusted server list and push that out via GPO to the clients. This way you can avoid any issues. If you are not validating server CA, then it doesn't matter what certificate you use.

-Scott
*** Please rate helpful posts ***
128
Views
0
Helpful
2
Replies
CreatePlease to create content