Generating a self-signed certificate – Cisco 3.3 User Manual
Page 429
10-49
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Chapter 10 System Configuration: Authentication and Certificates
Cisco Secure ACS Certificate Setup
•
Digest to sign with—Select the hash digest to be used to encrypt the key from
the choices listed. The choices include SHA1, SHA, MD2, and MD5.
•
Install generated certificate—Select this check box if you want
Cisco Secure ACS to install the self-signed certificate that it generates when
you click Submit. If you employ this option, Cisco Secure ACS services must
be restarted after you submit the page for the new settings to be adopted. If
you do not select this option, the certificate file and private key file are
generated and saved, but are not installed into local machine storage.
Generating a Self-Signed Certificate
All fields on the Generate Self-Signed Certificate page are mandatory. For
information on the fields’ contents, see
Self-Signed Certificate Configuration
To generate a self-signed certificate, follow these steps:
Step 1
In the navigation bar, click System Configuration.
Step 2
Click ACS Certificate Setup.
Step 3
Click Generate Self-Signed Certificate.
Cisco Secure ACS displays the Generate Self-Signed Certificate edit page.
Step 4
In the Certificate subject box, type the certificate subject in the form cn=XXXX.
You can enter additional information here, for information see
Certificate Configuration Options, page 10-48
.
Step 5
In the Certificate file box, type the full path and file name for the certificate file.
Step 6
In the Private key file box, type the full path and file name for the private key file.
Step 7
In the Private key password box, type the private key password.
Step 8
In the Retype private key password box, retype the private key password.
Step 9
In the Key length box, select the key length.
Step 10
In the Digest to sign with box, select the hash digest to be used to encrypt the key.