Solved

ACS 5.4 Wildcard SSL Certificate

Posted on 2014-11-02
3
366 Views
Last Modified: 2014-11-17
Hi experts,

I have a Wildcard SSL Certificate, I also have the files .pem, .key and the .cert.  I install the .key file on the Local Certificates TAB but according to several articles that I google I should export the created cert and send it to the CERTIFICATE AUTHORITY. Will this be the process?
Please advise
0
Comment
Question by:chenzovicc
3 Comments
 
LVL 80

Expert Comment

by:David Johnson, CD, MVP
ID: 40418822
you are not given the subordinate certificate authorization from the issuing site.  If you look at your certificate you will see what roles it is valid for. i.e. Server encryption, Client Encryption, identify machine, you will not see issue certificates, so adding it to your certificate authority is a waste of time.
0
 
LVL 63

Accepted Solution

by:
btan earned 500 total points
ID: 40418897
First most, you should be more of either using internal CA (which I suspect you do not have) or external trusted CA to generate the SSL server cert required for ACS appliance. All these will requires the generation of cert service request (CSR) so that CA can issued the cert for subsequent importing.

Apparently, you may be using self signed (you can check based on your cert whether which is the CA stated it  likely the device itself (assuming that you generate that cert from the equipment). Note there is no sharing of your private key to CA and should not be happening except for those originally CA issued - not the other way round. Same applies for renewal CSR..

Can reference below for more details on the ACS steps
 - (example of using external CA) https://www.sslshopper.com/cisco-secure-acs-ssl-installation-instructions.html
 - (example of using internal CA in pdf but may be old) http://www.cisco.com/c/en/us/support/docs/security/secure-access-control-server-solution-engine/49941-config-acs-sol-eng.html

Side note - SSL Wildcard Certificates won't work for multiple levels. This means that an SSL Certificate Wildcard for *.mydomain.com won't work on www.mail.mydomain.com
0
 

Author Closing Comment

by:chenzovicc
ID: 40449047
Thanks for your help
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

No single Antivirus application (despite claims by manufacturers) will catch or protect you from all Virus / Malware or Spyware threats. That doesn't stop you from further protecting yourself however - and this article is to show you how.
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question