Manualshelf

Specifications

ManualsBrandsHP ManualsComputer equipment3350 - Cisco NAC Appliance
571572573574575576577578579580
14-12
Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
Chapter 14 Administering the CAM
Manage CAM SSL Certificates
Step 3 Type appropriate values for the following fields:
Full Domain Name or IP—The fully qualified domain name or IP address of the Clean Access
Manager for which the certificate is to apply. For example:
camanager.<your_domain_name>
Organization Unit Name—The name of the unit within the organization, if applicable.
Organization Name—The legal name of the organization.
City Name—The city in which the organization is legally located.
State Name—The full name of the state in which the organization is legally located.
2-letter Country Code—The two-character, ISO-format country code, such as GB for Great Britain
or US for the United States.
Step 4 Specify whether you want the new temporary certificate to use a 1024-, 2048-, or 4096-bit RSA Key
Size.
Step 5 When finished, click Generate. This generates a new temporary certificate and new Private Key.
Step 6 For FIPS 140-2 compliant appliances, be sure to be sure to restore your current trusted-CA certificate
and Private Key from an external machine.
Note The CCA Manager Certificate entry at the top of the certificate display table specifies the full
distinguished name of the current CAM SSL certificate. You are required to enter the full distinguished
name of the CAM in the CAS web console if you are setting up Authorization between your CAM and
CASs. For more information, see Configure Clean Access Manager-to-Clean Access Server
Authorization, page 2-5.
Generate and Export a Certification Request (Non-FIPS CAM Only)
Note The Administration > CCA Manager > SSL > X509 Certification Request subtab does not appear in
the CAM web console on a FIPS 140-2 compliant appliance.
Generating a CSR creates a PEM-encoded PKCS#10-formatted Certificate Signing Request (CSR)
suitable for submission to a certificate authority. Before you send the CSR, make sure to export the
existing certificate and Private Key to a local machine to back it up for safekeeping.
To export he CSR/Private Key and create a certificate request from the CAM web console:
Step 1 Go to Administration > CCA Manager > SSL > X509 Certification Request (Figure 14-6).