Specifications
Cisco Systems, Inc.
All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 20 of 42
Refer to Appendix A for instructions on how to configure the Microsoft certification authority server. Following is
the procedure used to obtain a server certificate from a Microsoft certification authority server:
1. On the local ACS machine, point the browser at the Microsoft certification authority server as follows:
http://IP-address-of-Root-CA/certsrv.
2. Log in as the Administrator.
3. Choose “Request a certificate” and click Next.
4. Choose “Advanced request” and click Next.
5. Choose “Submit a certificate request to this CA using form” and click Next.
6. Choose/specify the following options on the Advanced certificate request form:
a. Choose “Web Server” as the certificate template.
b. Specify the name for the certificate being issued to the ACS.
c. Specify 1024 bits as the key size.
d. Choose “Mark keys as exportable.”
e. Choose “Use local machine store” and click Next.
7. Web browsershouldpopup withamessage“Certificate Issued.”Click“Install this certificate.”Thisshould result
in successful installation of a server-side certificate (for EAP-TLS authentication) on the ACS.
Figure 6-2 illustrates steps 2 and 3 (from the above procedure) for obtaining a server certificate from a Microsoft
certification authority server.
Figure 6-2
Steps 2 and 3 for Server Certificate Installation