Cisco Systems Servers Manuale Utente
Chapter 8 Establishing Cisco Secure ACS System Configuration
Certification Authority Setup
8-70
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Result: Cisco Secure ACS displays the Installed Certificate Information table on
the ACS Certificate Setup page.
the ACS Certificate Setup page.
Note
If your Cisco Secure ACS has not already been enrolled with a certificate, you
do not see the Installed Certificate Information table. Rather, you see the
Install new certificate table. If this is the case, you can proceed to Step 5.
do not see the Installed Certificate Information table. Rather, you see the
Install new certificate table. If this is the case, you can proceed to Step 5.
Step 3
Click Enroll New Certificate.
Result: A confirmation dialog box appears.
Step 4
To confirm that you intend to enroll a new certificate, click OK.
Result: The existing Cisco Secure ACS certificate is removed.
Step 5
You can now install the replacement certificate in the same manner as an original
certificate. For detailed procedural information, see the
certificate. For detailed procedural information, see the
or the
Certification Authority Setup
Cisco Secure ACS comes preconfigured with a list of popular CAs, none of which
are enabled until you explicitly signify trustworthiness. To specify one or more
CAs as trusted for user certification, you perform the procedure in the
are enabled until you explicitly signify trustworthiness. To specify one or more
CAs as trusted for user certification, you perform the procedure in the
.
You perform the procedure in the
to add a new CA to your certificate trust
list (CTL).
Cisco Secure ACS uses the CTL to verify the client certificates. Only certificates
that were issued by a CA that exists in the Cisco Secure ACS CTL are trusted by
Cisco Secure ACS. If all the clients and Cisco Secure ACS are getting their
certificates from the same CA you do not need to add any CA to the CTL because
Cisco Secure ACS automatically trusts the CA that issues its certificate. You do
need to install the certificate for the CA that issued the Cisco Secure ACS Server
Certificate, but there is no need to add it to the CTL.
that were issued by a CA that exists in the Cisco Secure ACS CTL are trusted by
Cisco Secure ACS. If all the clients and Cisco Secure ACS are getting their
certificates from the same CA you do not need to add any CA to the CTL because
Cisco Secure ACS automatically trusts the CA that issues its certificate. You do
need to install the certificate for the CA that issued the Cisco Secure ACS Server
Certificate, but there is no need to add it to the CTL.