cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

ACS 5.1 - Generate Certificate Signing Request

holgerseiler
Beginner
Beginner

Hi all,

a customer of me wants to generate a Certificate Signing Request at Cisco Secure ACS version 5.1.

Certificate Subject is
CN=de00salsec115r1,OU=SEC,OU=Servers,OU=INF Administration,OU=\+DE,DC=emea,DC=dir

The Certificate would be generated but the backslash is missing like this:

CN=de00salsec115r1,OU=SEC,OU=Servers,OU=INF-Administration,OU=+DE,DC=emea,DC=dir

I found at the configuration guide that only alphanumeric characters were allowed:

Certificate subject entered during generation of this request.

The Certificate Subject field may contain alphanumeric characters.

The maximum number of characters is 1024.

This field should automatically prefixed with “cn=”.

Please, could anyone confirm that backslash is not allowed for the certificate subject.

Thanks and kind regards

Holger

1 ACCEPTED SOLUTION

Accepted Solutions

Federico Ziliotto
Cisco Employee
Cisco Employee

Hi Holger,

That's correct, the subject name should contain only alphanumeric characters:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.1/user/guide/admin_config.html#wp1058001

As a further note, since I see you are running ACS 5.1, please be sure of having patch 5 or later installed, in order to avoid the known bug CSCti68031:

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCti68031

Since you mentioned that the certificate (so the CSR too) gets generated, I'd guess you are already on this patch (or later).

Regards,

Fede

--

If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

View solution in original post

3 REPLIES 3

Federico Ziliotto
Cisco Employee
Cisco Employee

Hi Holger,

That's correct, the subject name should contain only alphanumeric characters:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.1/user/guide/admin_config.html#wp1058001

As a further note, since I see you are running ACS 5.1, please be sure of having patch 5 or later installed, in order to avoid the known bug CSCti68031:

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCti68031

Since you mentioned that the certificate (so the CSR too) gets generated, I'd guess you are already on this patch (or later).

Regards,

Fede

--

If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

Thanks for your support.

Kind regards

Holger

Glad this helped Holger.

Please feel free to ping us back in case further help would be needed with your ACS in the future.

Regards,

Fede

--

If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: