Chapter 18 Managing System Administration Configurations

Adding Local Server Certificates

Table 18-13 Import Server Certificate Page

| Option | Description |
|---|---|
| Certificate File | Select to browse the client machine for the local certificate file. |
| Private Key File | Select to browse to the location of the private key. |
| Private Key Password | Enter the private key password. The minimum length is 0 and the maximum length is 256. |
| Protocol | |
| EAP | Check to associate the certificate with EAP protocols that use SSL/TLS tunneling: EAP-TLS, EAP-FAST, and PEAP. |
| Management Interface | Check to associate the certificate with the management interface. |
| Allow Duplicate Certificates | Allows you to add a certificate with the same CN and the same SKI but with a different Valid From, Valid To, and Serial number. |
| Override Policy | |
| Replace Certificate | Check to replace the content of an existing certificate with the one that you import, but retain the existing protocol selections. |

Step 4 Click Finish.

The new certificate is saved. The Local Certificate Store page appears with the new certificate.
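
A check you can run on the certificate and private key files before importing them, as an added example that is not part of the Cisco guide: it confirms that the key matches the certificate and reports subject, expiry, key length and digest. The file names, the KEY_PASS variable and the policy of 2048 bits minimum with no SHA-1 are assumptions of this example, which expects RSA keys and the openssl command-line tool.

```shell
#!/usr/bin/env bash
# Added example: offline checks on a certificate/key pair before import.
# Requires the openssl CLI. File names and KEY_PASS are assumptions.

# Build a throwaway self-signed pair from the fields the Generate Self Signed
# Certificate page asks for: subject (cn=), key length, digest, lifetime.
make_selfsigned() {  # usage: make_selfsigned <cn> <bits> <digest> <days> <prefix>
  openssl req -x509 -newkey "rsa:$2" -nodes -subj "/CN=$1" "-$3" -days "$4" \
    -keyout "$5.key" -out "$5.crt" >/dev/null 2>&1
}

# Returns 0 = key matches cert and meets policy,
#         1 = key does not match the cert (or a file cannot be read),
#         2 = key matches but key length or digest is below policy.
check_pair() {  # usage: KEY_PASS=... check_pair <cert.pem> <key.pem>
  local cert="$1" key="$2" cert_pub key_pub text bits sig
  # Pass the password through the environment, not argv. An empty value is
  # valid because the Private Key Password field allows length 0.
  export KEY_PASS="${KEY_PASS-}"

  cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || return 1
  key_pub=$(openssl pkey -in "$key" -passin env:KEY_PASS -pubout 2>/dev/null) || return 1
  if [ "$cert_pub" != "$key_pub" ]; then
    echo "FAIL: private key does not match certificate"; return 1
  fi

  text=$(openssl x509 -in "$cert" -noout -text)
  bits=$(printf '%s\n' "$text" | sed -n 's/.*Public-Key: (\([0-9]*\) bit).*/\1/p' | head -n 1)
  sig=$(printf '%s\n' "$text" | sed -n 's/.*Signature Algorithm: *//p' | head -n 1)
  echo "subject: $(openssl x509 -in "$cert" -noout -subject)"
  echo "expires: $(openssl x509 -in "$cert" -noout -enddate)"
  echo "key: ${bits} bit, signature: ${sig}"

  # Policy (assumption of this example, RSA only): at least 2048 bits, no SHA-1.
  if [ "${bits:-0}" -lt 2048 ]; then echo "WEAK: key shorter than 2048 bits"; return 2; fi
  case "$sig" in sha1*) echo "WEAK: SHA-1 signature"; return 2 ;; esac
  echo "OK"
}
```

Run it as `KEY_PASS='...' check_pair server.crt server.key` on the machine that holds the files, and import only a pair that returns 0.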

Generating Self-Signed Certificates

Step 1 Select System Administration > Configurations > Local Server Certificates > Local Certificates > Add.

Step 2 Select Generate Self Signed Certificate > Next.

Step 3 Enter the information in the ACS Import Server Certificate as described in Table 18-14:

 

Table 18-14 Generate Self Signed Certificate Step 2

| Option | Description |
|---|---|
| Certificate Subject | Certificate subject entered during generation of this request. The Certificate Subject field may contain alphanumeric characters. The maximum number of characters is 1024. This field is prefixed with “cn=”. |
| Key Length | Key length entered during generation of this request. Values may be 512, 1024, 2048, or 4096. |
| Digest to Sign with | Select either SHA1 or SHA256 as management certificates from the drop-down list. |
| Expiration TTL | Select the maximum value in days, weeks, months, and years, and enter a positive integer. |
| Protocol | |
| EAP | Check to associate the certificate with EAP protocols that use SSL/TLS tunneling: EAP-TLS, EAP-FAST, and PEAP. |

 

User Guide for Cisco Secure Access Control System 5.3


OL-24201-01
