https://community.cisco.com/t5/network-access-control/acs-5-2-eap-tls-with-external-certificates/m-p/1525194#M254392 <P>I had the same issue with 5.5 and still having the issue after upgrading ACS to 5.6.</P> Mon, 13 Apr 2015 16:04:09 GMT ted.schwind 2015-04-13T16:04:09Z https://community.cisco.com/t5/network-access-control/acs-5-2-eap-tls-with-external-certificates/m-p/1525190#M254360 <P>Hi,</P><P></P><P>&nbsp; I have created several server and client certificates of my EAP-TLS infrastructure.</P><P></P><P>With OpenSSL I have successfully installed de CA in the ACS:</P><P></P><P>Users and Identity Stores &gt;&nbsp; ... &gt;&nbsp; Certificate Authorities &gt;&nbsp; Edit: "Ejemplo de Certificado de Servidor CA</P><P></P><P>Issued To:&nbsp; Ejemplo de Certificado de Servidor <BR />Issued By:&nbsp; Ejemplo de Certificado de Servidor <BR />Valid From:&nbsp; 21:21 04.11.2010&nbsp; <BR />Valid To (Expiration):&nbsp; 21:21 03.01.2011&nbsp; <BR />Serial Number:&nbsp; 8b8c79bb7a815d59</P><P></P><P>Also in the Wireless Client the same CA and the client certificate:</P><P></P><P></P><P>Now I must install de server certificate in the ACS, but with the different test I always obtain the same error:</P><P></P><P>"unable to parse certificate"</P><P></P><P></P><P></P><P></P><P>Without the server certificate in the ACS I always obtain the same error:</P><P></P><P>EAP-TLS failed SSL/TLS handshake because of an unknown CA in the client&nbsp; certificates chain</P><P></P><P></P><P>Cisco ACS VERSION INFORMATION<BR />-----------------------------<BR />Version : 5.2.0.26</P><P></P><P></P><P></P><P>server.crt<BR />server.csr<BR />server.key<BR />server.p12<BR />server.pem</P><P></P><P></P><P></P><P></P><P>Best Regards</P> Mon, 11 Mar 2019 00:33:15 GMT https://community.cisco.com/t5/network-access-control/acs-5-2-eap-tls-with-external-certificates/m-p/1525190#M254360 jorge.novo 2019-03-11T00:33:15Z https://community.cisco.com/t5/network-access-control/acs-5-2-eap-tls-with-external-certificates/m-p/1525191#M254364 <HTML><HEAD></HEAD><BODY><P>Did you try to generate CSR from ACS 5.2 itself and then use this CSR to get server certificate from CA server?</P></BODY></HTML> Fri, 05 Nov 2010 16:32:38 GMT https://community.cisco.com/t5/network-access-control/acs-5-2-eap-tls-with-external-certificates/m-p/1525191#M254364 Yudong Wu 2010-11-05T16:32:38Z https://community.cisco.com/t5/network-access-control/acs-5-2-eap-tls-with-external-certificates/m-p/1525192#M254372 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>The ACS certificate must respect the ACS requirements.</P><P><SPAN class="content">Supported certificate formats include, DER, PEM, or Microsoft private key proprietary format. </SPAN></P><P></P><P><SPAN>Please takea look into the config example </SPAN><A class="jive-link-wiki-small" href="https://community.cisco.com/docs/DOC-13545">https://supportforums.cisco.com/docs/DOC-13545</A><SPAN> where it shows how to install a 3rd party cert into the ACS to be used for EAP-TLS.</SPAN></P><P></P><P>You can also find other information at:</P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.2/user/guide/admin_config.html#wp1052640">http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.2/user/guide/admin_config.html#wp1052640</A><SPAN>.</SPAN></P><P></P><P></P><P>HTH,</P><P>Tiago</P><P></P><DIV class="jive-rendered-content"><DIV class="jive-rendered-content"><P>--</P><P>If&nbsp; this helps you and/or answers your question please mark the question as&nbsp; "answered" and/or rate it, so other users can easily find it.</P></DIV></DIV></BODY></HTML> Mon, 08 Nov 2010 11:41:26 GMT https://community.cisco.com/t5/network-access-control/acs-5-2-eap-tls-with-external-certificates/m-p/1525192#M254372 Tiago Antunes 2010-11-08T11:41:26Z https://community.cisco.com/t5/network-access-control/acs-5-2-eap-tls-with-external-certificates/m-p/1525193#M254382 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P>Were you able to find a solution for this issue.</P></BODY></HTML> Mon, 03 Mar 2014 08:48:21 GMT https://community.cisco.com/t5/network-access-control/acs-5-2-eap-tls-with-external-certificates/m-p/1525193#M254382 Sandeep Verma 2014-03-03T08:48:21Z https://community.cisco.com/t5/network-access-control/acs-5-2-eap-tls-with-external-certificates/m-p/1525194#M254392 <P>I had the same issue with 5.5 and still having the issue after upgrading ACS to 5.6.</P> Mon, 13 Apr 2015 16:04:09 GMT https://community.cisco.com/t5/network-access-control/acs-5-2-eap-tls-with-external-certificates/m-p/1525194#M254392 ted.schwind 2015-04-13T16:04:09Z