Chapter 18 Managing System Administration Configurations

Adding Local Server Certificates

Table 18-14 Generate Self Signed Certificate Step 2

Option

Description

 

 

Management

Check to associate the certificate with the management interface.

Interface

 

 

 

Override Policy

 

Replace Certificate

Check to replace the content of an existing certificate with the one that you import, but retain the existing protocol selections.

Step 4 Click Finish.

The new certificate is saved. The Local Certificate Store page appears with the new certificate.

Generating a Certificate Signing Request

Step 1 Select System Administration > Configurations > Local Server Certificates > Local Certificates >

 

Add.

 

 

Step 2

Select Generate Certificate Signing Request > Next.

Step 3

Enter the information in the ACS Import Server Certificate as described in Table 18-15:

 

Table 18-15

Generate Signing Requests Step 2

 

 

 

 

 

Option

 

Description

 

 

 

 

Certificate Subject

Certificate subject entered during generation of this request. The

 

 

 

Certificate Subject field may contain alphanumeric characters. The

 

 

 

maximum number of characters is 1024. This field is prefixed with “cn=”.

 

 

 

 

 

Key Length

 

Key length entered during generation of this request.Values may be 512,

 

 

 

1024, 2048, or 4096.

 

 

 

 

Digest to Sign with

Select either SHA1 or SHA256 as management certificates, from the

 

 

 

dropdown list.

 

 

 

 

Step 4

Click Finish.

 

 

 

The following message is displayed:

A server certificate signing request has been generated and can be viewed in the “Outstanding Signing Requests" list.

The new certificate is saved. The Local Certificate Store page appears with the new certificate.

Binding CA Signed Certificates

Use this page to bind a CA signed certificate to the request that was used to obtain the certificate from the CA.

 

 

User Guide for Cisco Secure Access Control System 5.3

 

 

 

 

 

 

OL-24201-01

 

 

18-17

 

 

 

 

 

Page 531
Image 531
Cisco Systems OL-24201-01 Generating a Certificate Signing Request, Binding CA Signed Certificates, Click Finish, 18-17