
ACS working with Oracle 10G LDAP

dopenfield
Level 1

Attempting to configure SSL communications between ACS 3.2 and Oracle 10G OID LDAP.

Anyone have pointers to any examples for this particular environment?

We have verified SSL works via an LDAP browser but cannot get ACS to communicate via SSL. We have changed the port to 636 and been through the steps in the ACS Users Guide.

Both servers have certificates installed from the same CA.

Configuration tasks on ACS ask for specification of Certificate path (cert7.db). Unsure of format of response in this field. Should be a path on the ACS server? LDAP Server?

5 Replies

dopenfield
Level 1

Found this text in one document but don't understand how to create this... We are not using Netscape...

To perform secure authentication using SSL, you must provide a cert7.db certificate database file. Cisco Secure ACS requires a certificate database so that it can establish the SSL connection. The certificate database must be local to the Cisco Secure ACS Windows server.

Cisco Secure ACS requires a cert7.db certificate database file for each LDAP server you configure. For example, to support users distributed in multiple LDAP trees, you could configure two LDAP instances in Cisco Secure ACS that would communicate with the same LDAP servers. Each LDAP instance would have a primary and secondary LDAP server. Even though the two LDAP configurations share the same primary server, each LDAP configuration requires that you download a certificate database file to Cisco Secure ACS.

--------------------------------------------------------------------------------

Note: The database must be a cert7.db certificate database file. No other filename is supported.

Where and how do you get this Cert7.db file? I don't have time to download all the makefiles and source codes to compile this myself. I'm beginning to think that's going to be my only option. Why doesn't Cisco provide these tools for the servers that require them?

Hi, do you guys have the answer for this on how do we get the cert7.db file?

I'm having a problem getting SSL to work with ACS and Novell LDAP. Thanks.

I had to download an older version of Netscape to create the cert file.

Which Netscape version?

Netscape 6, Communicator, ...?

And the OS? (Windows XP, 98, ...)

Can you post the details and procedure here, please?

Thanks.