This is probably answered already but I wanted to chime in that installing certificates on CAMs is a nightmare for people who don't normally have to work with certificates. I followed Cisco instructions exactly to combine the files and kept receiving errors. Finally I sent the TAC engineer all of the files and he put them together for me. This certificate installed without problems. From now on whenever I need to install a certificate on a NAC appliance I will call TAC and have them put it together for me.
T.J. Hontz From: Cisco Clean Access Users and Administrators [mailto:[email protected]] On Behalf Of John Tumblin Sent: Monday, February 07, 2011 10:14 AM To: [email protected] Subject: Re: installing a new cert That's goos when they are there to export but I ran in to this problem on a clean install, what you are suggesting did not work for me. John J. Tumblin RHCE Systems Lead Network Engineer The TJX Companies, Inc. Direct 508-390-2738 Cell 508-958-9110 email: [email protected] "Simpson, Tom, Contractor" <[email protected]> Sent by: Cisco Clean Access Users and Administrators <[email protected]> 02/07/2011 10:06 AM Please respond to Cisco Clean Access Users and Administrators <[email protected]> To [email protected] cc Subject Re: installing a new cert When you export the certs from the CAM, you can select both files at the same time with the check box above them. Then when you export them this allows them to both be exported as a single file. Here is a link I was sent by Cisco for certs on the CCA hardware. http://www.employees.org/~basti/certs ________________________________________ From: Cisco Clean Access Users and Administrators [[email protected]] On Behalf Of Hurlbert, Scott, JIMS [[email protected]] Sent: Monday, February 07, 2011 9:46 AM To: [email protected] Subject: Re: installing a new cert How did you get the two keys into one file? Scott "Have A Nice Day!!" From: Cisco Clean Access Users and Administrators [mailto:[email protected]] On Behalf Of John Tumblin Sent: Monday, January 31, 2011 1:01 PM To: [email protected] Subject: Re: installing a new cert I am on version 4.7.2 for my CAS I had to put the Public Key and the Private Key together in one text file to get the CAS to do the import. On the CAM I had to import the Public Key as a trusted site, once I did that everything started working. I don't know this but if you have HA pairs like I do then you have to do the import on all your devices, certs do not go into the database. John J. Tumblin RHCE Systems Lead Network Engineer The TJX Companies, Inc. Direct 508-390-2738 Cell 508-958-9110 email: [email protected]<<http://www.employees.org/~basti/certs>mailto:[email protected]> This message and any attachments are solely for the use of the individual or entity to which it is addressed and may contain information that is privileged or confidential. If you are not the intended recipient, any disclosure, use or distribution of the information contained herein is prohibited. If you have received this communication in error, please notify the sender by reply e-mail and immediately delete this message and any attachments. In the event this document(s) contains technical data within the definition of the International Traffic in Arms Regulations, it is subject to the export control laws of the U.S. Government. Transfer of this data by any means to a foreign person, whether in the United States or abroad, without an export license or other approval from the U.S. Department of State, is prohibited. <mailto:[email protected]>
