Chapter 8 Establishing Cisco Secure ACS System Configuration
Cisco Secure ACS Certificate Setup
8-74
User Guide for Cisco Secure ACS for Windows Server
78-14696-01, Version 3.1
Installing a Cisco Secure ACS Server Certificate
Perform this procedure to install (that is, enroll) a server certificate for your
Cisco Secure ACS. You can perform certificate enrollment to support EAP-TLS
and PEAP authentication, as well as to support HTTPS protocol for GUI access
to Cisco Secure ACS.
Before You Begin
You must have a server certificate for your Cisco Secure ACS before you can
install it. With Cisco Secure ACS, certificate files must be in Base64-encoded
X.509. If you do not already have a server certificate in storage, you can use the
procedure in
Generating a Certificate Signing Request, page 8-78
, or any other
means, to obtain a certificate for installation.
If you want to use a server certificate from local machine storage, we recommend
that you read Extensible Authentication Protocol Transport Layer Security
Deployment Guide for Wireless LAN Networks, available on the
Cisco Secure ACS CD and at
http://www.cisco.com/warp/public/cc/pd/sqsw/sq/
tech/index.shtml
. This white paper provides information about how to add a
certificate to machine storage and how to configure a Microsoft certification
authority server for use with Cisco Secure ACS.
To install an existing certificate for use on Cisco Secure ACS, follow these steps:
Step 1
In the navigation bar, click System Configuration.
Step 2
Click ACS Certificate Setup.
Step 3
Click Install ACS Certificate.
Result: Cisco Secure ACS displays the Install ACS Certificate page.
Step 4
You must specify whether Cisco Secure ACS reads the certificate from a specified
file or uses a certificate already in storage on the local machine. Do one of the
following:
•
To specify that Cisco Secure ACS reads the certificate from a specified file,
select the Read certificate from file option, and then type the full directory
path and filename of the certificate file in the Certificate file box.