To use a self-signed certificate, perform the following steps:

1.Click Generate Self-Signed Certificate in the Cisco Secure ACS Certificate Setup window (Figure 7-6).

Figure 7-6 Generating self-signed certificate

2.Fill in the blanks with the appropriate information according to your own installation. Be sure to enable Install generated certificate. In the example used here:

Certificate subject: cn=iisscn_demo

Certificate file: c:\certs\iisscn_demo.cer

Private key file: c:\certs\iisscn_demo.pvk

Key length: 2048 bits

Digest to sign with: SHA1

3.Click Submit.

Chapter 7. Network enforcement subsystem implementation

221

Page 239
Image 239
IBM Tivoli and Cisco manual 221, Generating self-signed certificate