18-18
User Guide for Cisco Secure Access Control System 5.4
OL-26225-01
Chapter18 M anaging System Administration Configurations
Adding Local Server Certificates
Binding CA Signed Certificates
Use this page to bind a CA signed certificate to the request that was used to obtain the certificate from
the CA.
Step1 Select System Administration > Configurations > Local Server Certificates > Local Certificates >
Add.
Step2 Select Bind CA Signed Certificate > Next.
Step3 Enter the information in the ACS Import Server Certificate as described in Table18-16:
Step4 Click Finish.
The new certificate is saved. The Local Certificate Store page appears with the new certificate.
Related Topics
Configuring Local Server Certificates, page18-14
Certificate-Based Network Access, page 4-10
Editing and Renewing Certificates
You can renew an existing self-signed certificate without having to remove it and adding a new
certificate. This ensures that any service that uses the local certificate continues without any interruption.
To renew or extend a local server certificate:
Step1 Select System Administration > Configuration > Local Server Certificates > Local Certificates.
Step2 Click the name that you want to modify; or, check the check box for the Name, and click Edit.
Step3 Enter the certificate properties as described in Table18-17:
Table18-16 Bind CA Signed Certificate Step 2
Option Description
Certificate File Browse to the client machine and select the certificate file to be imported.
Protocol
EAP Check to associate the certificate with EAP protocols that use SSL/TLS
tunneling: EAP-TLS, EAP-FAST, and PEAP.
Management Interface Check to associate the certificate with the management interface.
Allow Duplicate
Certificates
Allows to add certificate with same CN and same SKI with different Valid
From, Valid To, and Serial number.
Override Policy
Replace Certificate Check to replace the content of an existing certificate with the one that you
import, but retain the existing protocol selections.