Solved

ACS 5.4 Wildcard SSL Certificate

Posted on 2014-11-02
3
328 Views
Last Modified: 2014-11-17
Hi experts,

I have a Wildcard SSL Certificate, I also have the files .pem, .key and the .cert.  I install the .key file on the Local Certificates TAB but according to several articles that I google I should export the created cert and send it to the CERTIFICATE AUTHORITY. Will this be the process?
Please advise
0
Comment
Question by:chenzovicc
3 Comments
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
Comment Utility
you are not given the subordinate certificate authorization from the issuing site.  If you look at your certificate you will see what roles it is valid for. i.e. Server encryption, Client Encryption, identify machine, you will not see issue certificates, so adding it to your certificate authority is a waste of time.
0
 
LVL 61

Accepted Solution

by:
btan earned 500 total points
Comment Utility
First most, you should be more of either using internal CA (which I suspect you do not have) or external trusted CA to generate the SSL server cert required for ACS appliance. All these will requires the generation of cert service request (CSR) so that CA can issued the cert for subsequent importing.

Apparently, you may be using self signed (you can check based on your cert whether which is the CA stated it  likely the device itself (assuming that you generate that cert from the equipment). Note there is no sharing of your private key to CA and should not be happening except for those originally CA issued - not the other way round. Same applies for renewal CSR..

Can reference below for more details on the ACS steps
 - (example of using external CA) https://www.sslshopper.com/cisco-secure-acs-ssl-installation-instructions.html
 - (example of using internal CA in pdf but may be old) http://www.cisco.com/c/en/us/support/docs/security/secure-access-control-server-solution-engine/49941-config-acs-sol-eng.html

Side note - SSL Wildcard Certificates won't work for multiple levels. This means that an SSL Certificate Wildcard for *.mydomain.com won't work on www.mail.mydomain.com
0
 

Author Closing Comment

by:chenzovicc
Comment Utility
Thanks for your help
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Phishing is at the top of most security top 10 efforts you should be pursuing in 2016 and beyond. If you don't have phishing incorporated into your Security Awareness Program yet, now is the time. Phishers, and the scams they use, are only going to …
Healthcare organizations in the United States must adhere to the guidance of both the HIPAA (Health Insurance Portability and Accountability Act) and HITECH (Health Information Technology for Economic and Clinical Health Act) for securing and protec…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now