Cisco Systems Servers Manuale Utente

Result: Cisco Secure ACS displays the Installed Certificate Information table on 
the ACS Certificate Setup page.

If your Cisco Secure ACS has not already been enrolled with a certificate, you 
do not see the Installed Certificate Information table. Rather, you see the 
Install new certificate table. If this is the case, you can proceed to Step 5.

Click Enroll New Certificate.

Result: A confirmation dialog box appears.

To confirm that you intend to enroll a new certificate, click OK.

Result: The existing Cisco Secure ACS certificate is removed.

You can now install the replacement certificate in the same manner as an original 
certificate. For detailed procedural information, see the 

 

or the 

Cisco Secure ACS comes preconfigured with a list of popular CAs, none of which 
are enabled until you explicitly signify trustworthiness. To specify one or more 
CAs as trusted for user certification, you perform the procedure in the 

.

You perform the procedure in the 

 to add a new CA to your certificate trust 

list (CTL). 

Cisco Secure ACS uses the CTL to verify the client certificates. Only certificates 
that were issued by a CA that exists in the Cisco Secure ACS CTL are trusted by 
Cisco Secure ACS. If all the clients and Cisco Secure ACS are getting their 
certificates from the same CA you do not need to add any CA to the CTL because 
Cisco Secure ACS automatically trusts the CA that issues its certificate. You do 
need to install the certificate for the CA that issued the Cisco Secure ACS Server 
Certificate, but there is no need to add it to the CTL.