ACS 4.2

lance.benfield1 — Mon, 11 Mar 2019 06:53:16 GMT

We have an old ACS 4.2 that needs to have the cert upgraded for SHA2 and I do not see that as a choice in the dropdown menu. SHA1 is the last entry. It needs to be upgraded to match our production LDAP environment. I only have access to this box via IE6 from an old Windows 2003 server. I do not have the local admin password to SSH into the box. Is the SHA2 cert supported on the ACS 4.2 device? If so, how can it be updated?

Thanks,

Lance

Hello Lance. Unfortunately,

nspasov — Fri, 24 Jun 2016 07:49:46 GMT

Hello Lance. Unfortunately, SHA2 is not supported by ACS 4.x. Support for SHA2 was added in ACS v5.2:

http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_system/5-2/release/notes/acs_52_rn.html#wp157364

Since ACS 4.x is EoL/EoS you should consider upgrading. However, I would suggest looking at ISE instead of ACS 5.x. Recently, TACACS+ was added to ISE so there are very few features that are not supported by ISE, so I would not be surprised if ACS 5.x also goes into EoL/EoS sometimes this year.

I hope this helps!

Thank you for rating helpful posts!

topic ACS 4.2 in Network Access Control

ACS 4.2

Hello Lance. Unfortunately,