https://community.cisco.com/t5/network-security/nac-ssl-certificates/m-p/1300586#M741531 <HTML><HEAD></HEAD><BODY><P>Clear your cookies in the browser and try again. I've seen that before and clearing cookies helps. If that still doesn't help let me know and I'll send you a PDF of the relevant portion</P><P></P><P>Faisal</P></BODY></HTML> Fri, 13 Nov 2009 14:34:59 GMT Faisal Sehbai 2009-11-13T14:34:59Z https://community.cisco.com/t5/network-security/nac-ssl-certificates/m-p/1300583#M741528 <P>Hello there,</P><P>I installed NAC and cutover to production env. without changing the perfigo root certificate. This is because i had no CA server. </P><P>Now i've got a win 2003 Standalone root CA Server configured. What is the impact on requesting certificate from this CA and install it on the NAC server and Manager? </P><P></P><P>regards,</P><P>Stanslaus.</P> Fri, 21 Feb 2020 11:47:40 GMT https://community.cisco.com/t5/network-security/nac-ssl-certificates/m-p/1300583#M741528 IT_Data_CorporateNet 2020-02-21T11:47:40Z https://community.cisco.com/t5/network-security/nac-ssl-certificates/m-p/1300584#M741529 <HTML><HEAD></HEAD><BODY><P>Stanslaus,</P><P></P><P>No impact if you do it right. Details on adding a cert from 3rd party (in this case your own CA)</P><P></P><P>CAS: <A class="jive-link-custom" href="http://tinyurl.com/yju2jcy" target="_blank">http://tinyurl.com/yju2jcy</A></P><P>CAM: <A class="jive-link-custom" href="http://tinyurl.com/yglhq3w" target="_blank">http://tinyurl.com/yglhq3w</A></P><P></P><P>This is assuming 4.5</P><P></P><P>HTH,</P><P>Faisal</P></BODY></HTML> Thu, 12 Nov 2009 15:38:47 GMT https://community.cisco.com/t5/network-security/nac-ssl-certificates/m-p/1300584#M741529 Faisal Sehbai 2009-11-12T15:38:47Z https://community.cisco.com/t5/network-security/nac-ssl-certificates/m-p/1300585#M741530 <HTML><HEAD></HEAD><BODY><P>Thanks Faisal.</P><P></P><P>I have tried to access the links but i'm getting the bellow message from both URLs.</P><P></P><P></P><P>Forbidden File or Application</P><P></P><P>The file or application you are trying to access may require additional entitlement or you are trying to access a file with an invalid name. Additional entitlement levels are granted based on a users relationship with Cisco on a per-application basis.</P><P></P><P>If you feel you have reached this page in error, please try one of the following methods to locate your document:</P><P></P><P> 1. If you are manually entering the URL into your browser location bar, be sure to include the file name of the page you are trying to access (file names typically end in .htm, .html or .shtml).</P><P> 2. Use the Search feature located in the upper right section of this page.</P><P> 3. Return to the Cisco.com Home or select a primary site area from the top navigation bar.</P><P> 4. Consult with your Cisco Account Manager to confirm you have the appropriate entitlement to access this page.</P><P></P><P>If you would like to contact someone about this problem, please click on the Contacts &amp; Feedback link below.</P></BODY></HTML> Fri, 13 Nov 2009 07:02:29 GMT https://community.cisco.com/t5/network-security/nac-ssl-certificates/m-p/1300585#M741530 IT_Data_CorporateNet 2009-11-13T07:02:29Z https://community.cisco.com/t5/network-security/nac-ssl-certificates/m-p/1300586#M741531 <HTML><HEAD></HEAD><BODY><P>Clear your cookies in the browser and try again. I've seen that before and clearing cookies helps. If that still doesn't help let me know and I'll send you a PDF of the relevant portion</P><P></P><P>Faisal</P></BODY></HTML> Fri, 13 Nov 2009 14:34:59 GMT https://community.cisco.com/t5/network-security/nac-ssl-certificates/m-p/1300586#M741531 Faisal Sehbai 2009-11-13T14:34:59Z https://community.cisco.com/t5/network-security/nac-ssl-certificates/m-p/1300587#M741532 <HTML><HEAD></HEAD><BODY><P>Hi Faisal,</P><P>I've cleared cookies but no success. I've tried 3 different browsers also(Int expl, firefox and Epiphany) but ending up with the same message.</P><P></P><P>regards,</P><P>Stanslaus.</P></BODY></HTML> Fri, 13 Nov 2009 15:49:49 GMT https://community.cisco.com/t5/network-security/nac-ssl-certificates/m-p/1300587#M741532 IT_Data_CorporateNet 2009-11-13T15:49:49Z https://community.cisco.com/t5/network-security/nac-ssl-certificates/m-p/1300588#M741533 <HTML><HEAD></HEAD><BODY><P>Stanslaus,</P><P></P><P>Within the URL try changing the word partner to customer and try again.</P><P></P><P>If that still doesn't work, email me and I'll send you the relevant portion in PDF</P><P></P><P>HTH,</P><P>Faisal</P></BODY></HTML> Tue, 17 Nov 2009 01:57:29 GMT https://community.cisco.com/t5/network-security/nac-ssl-certificates/m-p/1300588#M741533 Faisal Sehbai 2009-11-17T01:57:29Z https://community.cisco.com/t5/network-security/nac-ssl-certificates/m-p/1300589#M741534 <HTML><HEAD></HEAD><BODY><P>Hi Faisal,</P><P>I managed to install certificates from my internal CA Server and remove the perfigo certificate. The problem is that users are still required to accept the certificate everytime they login.</P><P></P><P>regards,</P><P>Stanslaus.</P></BODY></HTML> Thu, 26 Nov 2009 08:02:12 GMT https://community.cisco.com/t5/network-security/nac-ssl-certificates/m-p/1300589#M741534 IT_Data_CorporateNet 2009-11-26T08:02:12Z https://community.cisco.com/t5/network-security/nac-ssl-certificates/m-p/1300590#M741535 <HTML><HEAD></HEAD><BODY><P>Stanslaus,</P><P></P><P>Is the root certificate (from the CA which issued the CAS/CAM certs) installed on the clients? If not, can you please install that root cert on the clients and try again?</P><P></P><P>HTH,</P><P>Faisal</P></BODY></HTML> Thu, 26 Nov 2009 19:57:03 GMT https://community.cisco.com/t5/network-security/nac-ssl-certificates/m-p/1300590#M741535 Faisal Sehbai 2009-11-26T19:57:03Z https://community.cisco.com/t5/network-security/nac-ssl-certificates/m-p/1300591#M741536 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P>We have deployed a similar scenario and we solved this issue by installing an ID cert of every PC; the ID cert of course was issued by the same CA Authority used by the NAC Servers.</P><P></P><P>Hope it helps.</P><P></P><P>DL.</P></BODY></HTML> Fri, 27 Nov 2009 17:20:59 GMT https://community.cisco.com/t5/network-security/nac-ssl-certificates/m-p/1300591#M741536 Dennis Leon 2009-11-27T17:20:59Z https://community.cisco.com/t5/network-security/nac-ssl-certificates/m-p/1300592#M741537 <HTML><HEAD></HEAD><BODY><P>Hi Denis/Faisal,</P><P>I accessed the CA web from one of PCs giving the warning and found a place to install ceritficate chain ( written "To trust certificates issued from this certification authority, install this CA certificate chain."). I click install and it was successfully installed. The PC keeps on giving the warning. Is this the correct way of installing the root certificate on PC? If not please where can i find a guide on how to request the certificated from the CA?</P><P></P><P>Thanks.</P><P>Stanslaus.</P></BODY></HTML> Mon, 30 Nov 2009 06:46:04 GMT https://community.cisco.com/t5/network-security/nac-ssl-certificates/m-p/1300592#M741537 IT_Data_CorporateNet 2009-11-30T06:46:04Z