Self-signed certificate configuration options – Cisco 3.3 User Manual
Page 428
Chapter 10 System Configuration: Authentication and Certificates
Cisco Secure ACS Certificate Setup
10-48
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Self-Signed Certificate Configuration Options
The Generate Self-Signed Certificate edit page contains the following mandatory
configuration fields:
•
Certificate subject—The subject for the certificate, prefixed with “cn=”. We
recommend using the Cisco Secure ACS name. For example, “cn=ACS11”.
The Certificate subject field here can contain a number of content entries as
comma-separated items; these include:
–
CN—common name (the mandatory entry)
–
OU—organizational unit name
–
O—organization name
–
S—state or province
–
E—email address
–
L—locality name
For example, the Certificate subject field might appear as follows:
cn=ACS 11, O=Acme Enterprises, [email protected]
•
Certificate file—The full path and filename for the certificate file that you
want to generate. For example, “c:\acs_server_cert\acs_server_cert.cer”.
When you submit this page, Cisco Secure ACS creates the certificate file
using the location and filename you specify.
•
Private key file—The full path and filename for the private key file you want
to generate. For example, “c:\acs_server_cert\acs_server_cert.pvk”. When
you submit this page, Cisco Secure ACS creates the private key file using the
location and filename you specify.
•
Private key password—A private key password for the certificate. Minimum
length for the private key password is 4 characters, and the maximum length
is 64 characters.
•
Retype private key password—The private key password typed again, to
ensure accuracy.
•
Key length—Select the key length from the choices listed. The choices
include 512 bits, 1024 bits, and 2048 bits.