cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
481
Views
0
Helpful
3
Replies

FYI. Verisign Cert & ACS

uggie
Level 1
Level 1

for those who have troubles getting verisign cert working on the ACS box, i just spoke to a verisign tech support after facing issues with certs. He mentioned that when generating a CSR on ACS, it generates extra info that are not compatible with verisign. Verisign is working on the issue, it is expected to be rectified soon (in a day or two). The tech support refused to give me further info about what version of ACS causing the issue or so... I'm using ACS3.3 at the moment.

3 Replies 3

o-ziltener
Level 1
Level 1

We use Cert's from Thawte and it works fine.

(http://www.thawte.com)

Oliver,

We are using the 1111 appliance with 3.2.3 firmware. I have installed a cert from Thawte which seems OK, however, when I try and enable Peap in Global Config. I just get an error with cert not installed. Have you any ideas? As far as I can tell I have followed the procedure to request and install the cert correctly.

Barry

gamccall
Level 4
Level 4

I've installed a Verisign cert on the ACS with minimal difficulty, but it does take a couple of extra steps.

When generating the cert request on the ACS, you have to enter the complete identification path in the Common Name field of the form. i.e., instead of just cn=Ciscoacs, you have to enter c=US,s=Florida,l=KeyWest,o=TheShirtShack,ou=Accounting,cn=Ciscoacs all on the same line.

Also, if the certificate file format that Verisign sends back is not recognized by the ACS, you can import it into your web browser and then re-export it in the correct format (DER .509 if I recall correctly) and then upload the reformatted cert to the ACS.

It works fine after all that =)

Review Cisco Networking for a $25 gift card