8-65
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Chapter8 Establishing Cisco Secure ACS System Configuration CiscoSecure ACS Certificate Setup
Step 3 Select the Manual certificate enrollment option.
Step 4 To have Cisco Secure ACS generate a certificate signing request (CSR), follow
these steps:
a. Select the Generate certificate signing request (CSR) option.
b. In the Certificate subject box, type cn= followed by the name that you would
like to use as subject name in this ACS certificate, for example,
cn=ACSWireless.
c. In the Private key file box, type the full directory path and name of the file
in which the private key is saved, for example, c:\privateKeyFile.pem.
Tip This private key is used later in the certificate installation process.
d. In the Private key password box, type the private key password (that you
have invented).
e. In the Retype private key password box, retype the private key password.
f. From the Key lengt h list, select the length of the key to be used.
Tip The choices for Key length are 512 or 1024 bits. The default and more secure
choice is 1024 bits.
g. From the Digest to sign with list, select the digest (or hashing algorithm).
Tip The choices for Digest to sign with are MD2, MD5, SHA, and SHA1. The
default is SHA1.
Step 5 Click Submit.
Result: Cisco Secure ACS prepares a certification signing request and displays it
in the display area, on the right, under a banner that reads:
Now your certificate signing request is ready. You can copy and paste
it into any certification authority enrollment tool.