![background image](http://html.mh-extra.com/html/cisco/3-3/3-3_user-manual_67327428.webp)
Chapter 10 System Configuration: Authentication and Certificates
Cisco Secure ACS Certificate Setup
10-48
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Self-Signed Certificate Configuration Options
The Generate Self-Signed Certificate edit page contains the following mandatory
configuration fields:
•
Certificate subject
—The subject for the certificate, prefixed with “cn=”. We
recommend using the Cisco Secure ACS name. For example, “cn=ACS11”.
The Certificate subject field here can contain a number of content entries as
comma-separated items; these include:
–
CN
—common name (the mandatory entry)
–
OU
—organizational unit name
–
O
—organization name
–
S
—state or province
–
E
—email address
–
L
—locality name
For example, the Certificate subject field might appear as follows:
cn=ACS 11, O=Acme Enterprises, [email protected]
•
Certificate file
—The full path and filename for the certificate file that you
want to generate. For example, “c:\acs_server_cert\acs_server_cert.cer”.
When you submit this page, Cisco Secure ACS creates the certificate file
using the location and filename you specify.
•
Private key file
—The full path and filename for the private key file you want
to generate. For example, “c:\acs_server_cert\acs_server_cert.pvk”. When
you submit this page, Cisco Secure ACS creates the private key file using the
location and filename you specify.
•
Private key password
—A private key password for the certificate. Minimum
length for the private key password is 4 characters, and the maximum length
is 64 characters.
•
Retype private key password
—The private key password typed again, to
ensure accuracy.
•
Key length
—Select the key length from the choices listed. The choices
include 512 bits, 1024 bits, and 2048 bits.