beautypg.com

Generating a certificate signing request – Cisco 3.3 User Manual

Page 425

background image

10-45

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

Chapter 10 System Configuration: Authentication and Certificates

Cisco Secure ACS Certificate Setup

Step 5

Click Delete.

The specified CRL issuer, and all CRLs from that issuer, is deleted from
Cisco Secure ACS.

Generating a Certificate Signing Request

You can use Cisco Secure ACS to generate a certificate signing request (CSR).
After you generate a CSR, you can submit it to a CA to obtain your certificate.
You perform this procedure to generate the CSR for future use with a certificate
enrollment tool.

Note

If you already have a server certificate, you do not need to use this portion of the
ACS Certificate Setup page.

To generate a certificate signing request, follow these steps:

Step 1

In the navigation bar, click System Configuration.

Step 2

Click ACS Certificate Setup and then click Generate Certificate Signing
Request
.

Cisco Secure ACS displays the Generate Certificate Signing Request page.

Step 3

In the Certificate subject box, type values for the certificate fields required by the
CA you want to submit the CSR to. A CN field is mandatory. The format is:

field

=

value

,

field

=

value

, . . .

where field is the field name, such as CN, and value is the applicable value for the
field, such as acs01primary. You can type a maximum of 256 characters in the
“Certificate subject” box. Separate multiple values with commas. For example:

CN=acs01primary, O=WestCoast, C=US, S=California

The following table defines the valid fields that you can include in the “Certificate
subject” box.