Solved

ACS 5.4 Wildcard SSL Certificate

Posted on 2014-11-02
3
353 Views
Last Modified: 2014-11-17
Hi experts,

I have a Wildcard SSL Certificate, I also have the files .pem, .key and the .cert.  I install the .key file on the Local Certificates TAB but according to several articles that I google I should export the created cert and send it to the CERTIFICATE AUTHORITY. Will this be the process?
Please advise
0
Comment
Question by:chenzovicc
3 Comments
 
LVL 79

Expert Comment

by:David Johnson, CD, MVP
ID: 40418822
you are not given the subordinate certificate authorization from the issuing site.  If you look at your certificate you will see what roles it is valid for. i.e. Server encryption, Client Encryption, identify machine, you will not see issue certificates, so adding it to your certificate authority is a waste of time.
0
 
LVL 62

Accepted Solution

by:
btan earned 500 total points
ID: 40418897
First most, you should be more of either using internal CA (which I suspect you do not have) or external trusted CA to generate the SSL server cert required for ACS appliance. All these will requires the generation of cert service request (CSR) so that CA can issued the cert for subsequent importing.

Apparently, you may be using self signed (you can check based on your cert whether which is the CA stated it  likely the device itself (assuming that you generate that cert from the equipment). Note there is no sharing of your private key to CA and should not be happening except for those originally CA issued - not the other way round. Same applies for renewal CSR..

Can reference below for more details on the ACS steps
 - (example of using external CA) https://www.sslshopper.com/cisco-secure-acs-ssl-installation-instructions.html
 - (example of using internal CA in pdf but may be old) http://www.cisco.com/c/en/us/support/docs/security/secure-access-control-server-solution-engine/49941-config-acs-sol-eng.html

Side note - SSL Wildcard Certificates won't work for multiple levels. This means that an SSL Certificate Wildcard for *.mydomain.com won't work on www.mail.mydomain.com
0
 

Author Closing Comment

by:chenzovicc
ID: 40449047
Thanks for your help
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On Beyond Tools A conversation I recently had with the DevOps manager of a major online retailer really made me think about DevOps monitoring tools (https://www.onpage.com/devops-incident-management-tool/). The manager and I discussed how sever…
As a business owner, there are many things that keep you up at night. Profit margins, employee retention, human resource protocols, whether your product or service will remain competitive. When you own or manage a technology company that operates la…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question