cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
609
Views
0
Helpful
4
Replies
Highlighted
Beginner

ACS 4.2 Certficate installation error

Hai,

I am trying to install a certficate on ACS 4.2. These are the following steps that I did.

Generate certificate signing request

Put the

Certificate subject         cn=SRL

Private key file               srl.pvk   --------------(This is just a name)

Private key password    cisco@123

Key length                      1024 Bits

Digest to sign with         SHA1

I got the text file and I validated it through the Microsoft certficate server.Downloaded the certificate  from the server and uploaded to the ACS VIA ftp.

When I am trying to install I m getting the error that   "Either the certificate is expired or not valid".

Certificate status is saying that its valid for 1 yr.

What is Private key file ? What it does when we are creating a signing request?where it is stored?

Can anyone help me to fix this issue?

4 REPLIES 4
Advocate

ACS 4.2 Certficate installation error

Can you check the ACS time settings, make sure that the time is correct.

The private key file is what is used to generate the CSR and builds the public key pair which in this case is the signed certificate.

Also are you using an x509 format certificate?

thanks,

Tarik Admani
*Please rate helpful posts*

Tarik Admani
*Please rate helpful posts*
Beginner

ACS 4.2 Certficate installation error

Hai Tarik,

Thanks for your email

ACS and Certficate server has the same time settings

Following are the steps I have done on the certificate server.


login to certificate server https://X.X.X.X/certsr

Select a task:
click Request a certificate

click submit an advanced certificate request.

click Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file.

  
Saved Request:

puting the generated CSR

Certificate Template: EBJ Mobile device or User or Webserver(I tried with all different options)


By default selected the option- DER encoded

download certificate 

Certificate is downloading to my PC and uploading ACS via FTP

"Either the certificate is expired or not valid".

But I can see the certificate is valid for 1 yr

Rising star

ACS 4.2 Certficate installation error

Hi Sreelal,

Did u checked the certificate vendor is in the trust list???? Also when u check the cert properties itself it will show whether its valid / expired. I guess you have chossen the wrong certificate option while raising the CSR/ in Cert server.

Please do rate if the given information helps.

By

Karthik

Beginner

ACS 4.2 Certficate installation error

Certificate Vendor is on trusted list and date says the certificate is valid for 1 yr