ACS 5.4 Wildcard SSL Certificate

Hi experts,

I have a Wildcard SSL Certificate, I also have the files .pem, .key and the .cert.  I install the .key file on the Local Certificates TAB but according to several articles that I google I should export the created cert and send it to the CERTIFICATE AUTHORITY. Will this be the process?
Please advise
chenzoviccAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David Johnson, CD, MVPOwnerCommented:
you are not given the subordinate certificate authorization from the issuing site.  If you look at your certificate you will see what roles it is valid for. i.e. Server encryption, Client Encryption, identify machine, you will not see issue certificates, so adding it to your certificate authority is a waste of time.
0
btanExec ConsultantCommented:
First most, you should be more of either using internal CA (which I suspect you do not have) or external trusted CA to generate the SSL server cert required for ACS appliance. All these will requires the generation of cert service request (CSR) so that CA can issued the cert for subsequent importing.

Apparently, you may be using self signed (you can check based on your cert whether which is the CA stated it  likely the device itself (assuming that you generate that cert from the equipment). Note there is no sharing of your private key to CA and should not be happening except for those originally CA issued - not the other way round. Same applies for renewal CSR..

Can reference below for more details on the ACS steps
 - (example of using external CA) https://www.sslshopper.com/cisco-secure-acs-ssl-installation-instructions.html
 - (example of using internal CA in pdf but may be old) http://www.cisco.com/c/en/us/support/docs/security/secure-access-control-server-solution-engine/49941-config-acs-sol-eng.html

Side note - SSL Wildcard Certificates won't work for multiple levels. This means that an SSL Certificate Wildcard for *.mydomain.com won't work on www.mail.mydomain.com
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
chenzoviccAuthor Commented:
Thanks for your help
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.