Rejected ACS local-certificate with surrogate CA

JPavonM
VIP

I'm going crazy because of clients rejecting the ACS certificate.

I have deployed successfully one ACS 5.2 in a HQ with EAP-TLS and PEAP and everything is working fine. There is only one main CA.

The problem is while deploying another ACS 5.2 against another AD with surrogate CAs. I'm getting an error with "12520 EAP-TLS failed SSL/TLS handshake because the client rejected the ACS local-certificate". The clients have the ACS self-signed certificate loaded as well as the surrogate CA and the user certificate.

Any suggestion would be appreciated.

2 Replies

Tarik Admani
VIP Alumni

Jesus,

Are you saying that the ACS cert is signed, or is it a self-signed certificate?

Thanks,

Tarik Admani
*Please rate helpful posts*

We have generated a certificate in ACS and it has been signed by the CA.

Then, in Certification authorities, we have added both the ACS signed certificate and the CA certificate (trusted for EAP clients) with its corresponding CRL.