Educause Security Discussion mailing list archives
Re: Cisco ACS 3.3 Certificate Configuration
From: "Truong, Joseph" <Joseph.Truong () UCSFMEDCTR ORG>
Date: Wed, 17 Mar 2010 11:26:32 -0700
Andrew, You will need 2 CSRs' and install individually on each of the servers. You also need to have individually name of each server for the certificate signing request to submit to the certificate authority. Joseph Truong Senior Network Engineer & Security Analyst UCSF Medical Center Enterprise Information Technology Services Tel: 415-353-4599 Office Tel: 415-717-4846 Cell Email: Joseph.truong () ucsfmedctr org<mailto:Joseph.truong () ucsfmedctr org> From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Andrew Davis Sent: Wednesday, March 17, 2010 9:06 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Cisco ACS 3.3 Certificate Configuration Hello, I am moving away from using a self-signed certificate to getting a cert cut from a trusted root CA. My question is this - I have 2 ACS appliances (ver 3.3) that I have set up as a primary and secondary authenticator for our PEAP wireless clients. I have replication functioning between the 2 ACS appliances. I want to generate a CSR and install a certificate on each of the ACS appliances. Can I use the same certificate on both ACS appliances and just list both hostnames in the SAN field, or will I need a unique certificate for each appliance? In looking over the ACS documentation on generating a certificate signing request - I do not see 'SAN' listed as a valid field in the Certificate Subject - so I may have answered my own question. Any thoughts on using the same certificate on both ACS servers, or am I stuck generating 2 CSRs and installing 2 separate certificates? Thanks! Andrew Davis, CCNA Network Support Riverside Community College
Current thread:
- Cisco ACS 3.3 Certificate Configuration Andrew Davis (Mar 17)
- <Possible follow-ups>
- Re: Cisco ACS 3.3 Certificate Configuration Truong, Joseph (Mar 17)
- Re: Cisco ACS 3.3 Certificate Configuration Todd Gould (Mar 17)