https://community.cisco.com/t5/network-security/nac-certificate/m-p/1526208#M737602 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>The clients will communicate with the CAM if they need to download the agent for example and yes, in this situations you also need to trust the CAM cert ortherwise the security warning will show up.</P><P></P><P>It is good practice to have signed certs on the CAM and CAS and usually from the same CA.</P><P></P><P>So, in resume, i would say yes, if you do not want security warnings, then you should install also a cert on the CAM.</P><P></P><P>HTH,<BR />Tiago</P><P></P><DIV class="jive-rendered-content"><DIV class="jive-rendered-content"><P>--</P><P>If&nbsp; this helps you and/or&nbsp; answers your question please mark the question&nbsp; as "answered" and/or rate it, so other users can easily find it.</P></DIV></DIV></BODY></HTML> Sat, 16 Oct 2010 08:19:01 GMT Tiago Antunes 2010-10-16T08:19:01Z https://community.cisco.com/t5/network-security/nac-certificate/m-p/1526207#M737567 <P>Hi All,</P><P>we ordered certificate for CAS only based on documentation. when connect from wired network, it shows CAS IP address on IE and doesn't display warning page and everything works fine. but when connect from wireless, it redirect to CAM IP address and obviously there is no signed certificate for CAM and warning page is shown up. do we need to order certificate for CAM as well?</P><P>thanks</P><P>Alex</P> Fri, 21 Feb 2020 12:07:15 GMT https://community.cisco.com/t5/network-security/nac-certificate/m-p/1526207#M737567 alex goshtaei 2020-02-21T12:07:15Z https://community.cisco.com/t5/network-security/nac-certificate/m-p/1526208#M737602 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>The clients will communicate with the CAM if they need to download the agent for example and yes, in this situations you also need to trust the CAM cert ortherwise the security warning will show up.</P><P></P><P>It is good practice to have signed certs on the CAM and CAS and usually from the same CA.</P><P></P><P>So, in resume, i would say yes, if you do not want security warnings, then you should install also a cert on the CAM.</P><P></P><P>HTH,<BR />Tiago</P><P></P><DIV class="jive-rendered-content"><DIV class="jive-rendered-content"><P>--</P><P>If&nbsp; this helps you and/or&nbsp; answers your question please mark the question&nbsp; as "answered" and/or rate it, so other users can easily find it.</P></DIV></DIV></BODY></HTML> Sat, 16 Oct 2010 08:19:01 GMT https://community.cisco.com/t5/network-security/nac-certificate/m-p/1526208#M737602 Tiago Antunes 2010-10-16T08:19:01Z https://community.cisco.com/t5/network-security/nac-certificate/m-p/1526209#M737637 <HTML><HEAD></HEAD><BODY><P>Alex,</P><P></P><P>Are these two different CASs or the same one you're pointing to?</P><P></P><P>Faisal</P></BODY></HTML> Sun, 17 Oct 2010 04:18:35 GMT https://community.cisco.com/t5/network-security/nac-certificate/m-p/1526209#M737637 Faisal Sehbai 2010-10-17T04:18:35Z