Home > Cisco > Control System > Cisco Acs 5x User Guide

Cisco Acs 5x User Guide

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Cisco Acs 5x User Guide. The Cisco manuals for Control System are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 221

    Page 221 8-69 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 8 Managing Users and Identity Stores Configuring CA Certificates You use the CA options to install digital certificates to support EAP-TLS authentication. ACS uses the X.509 v3 digital certificate standard. ACS also supports manual certificate acquisition and provides the means for managing a certificate trust list (CTL) and certificate revocation lists (CRLs). Digital certificates do not require the sharing of... 
    8-69
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 8      Managing Users and Identity Stores
  Configuring CA Certificates
You use the CA options to install digital certificates to support EAP-TLS authentication. ACS uses the 
X.509 v3 digital certificate standard. ACS also supports manual certificate acquisition and provides the 
means for managing a certificate trust list (CTL) and certificate revocation lists (CRLs).
Digital certificates do not require the sharing of...

    Page 222

    Page 222 8-70 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 8 Managing Users and Identity Stores Configuring CA Certificates Allow Duplicate Certificates Allows you to add certificates with the same CN and SKI with different Valid From, Valid To, and Serial numbers. Description Enter a description of the CA certificate. Table 8-19 Certificate Authority Properties Page (continued) Option Description 
    8-70
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 8      Managing Users and Identity Stores
  Configuring CA Certificates
Allow  Duplicate  Certificates Allows you to add certificates with the same CN and SKI with different Valid From, Valid 
To, and Serial numbers.
Description Enter a description of the CA certificate.
Table 8-19 Certificate Authority Properties Page   (continued)
Option Description

    Page 223

    Page 223 8-71 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 8 Managing Users and Identity Stores Configuring CA Certificates Step 4Click Submit. The new certificate is saved. The Trust Certificate List page appears with the new certificate. Related Topics User Certificate Authentication, page B-6 Overview of EAP-TLS, page B-6 Editing a Certificate Authority and Configuring Certificate Revocation Lists Use this page to edit a trusted CA (Certificate Authority) certificate. Step... 
    8-71
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 8      Managing Users and Identity Stores
  Configuring CA Certificates
Step 4Click Submit. 
The new certificate is saved. The Trust Certificate List page appears with the new certificate.
Related Topics
User Certificate Authentication, page B-6
Overview of EAP-TLS, page B-6
Editing a Certificate Authority and Configuring Certificate Revocation Lists
Use this page to edit a trusted CA (Certificate Authority) certificate.
Step...

    Page 224

    Page 224 8-72 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 8 Managing Users and Identity Stores Configuring CA Certificates Step 3Click Submit. The Trust Certificate page appears with the edited certificate. Related Topics User Certificate Authentication, page B-6 Overview of EAP-TLS, page B-6 Deleting a Certificate Authority Use this page to delete a trusted CA (Certificate Authority) certificate: Step 1Select Users and Identity Stores > Certificate Authorities. The Trust... 
    8-72
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 8      Managing Users and Identity Stores
  Configuring CA Certificates
Step 3Click Submit.
The Trust Certificate page appears with the edited certificate.
Related Topics
User Certificate Authentication, page B-6
Overview of EAP-TLS, page B-6
Deleting a Certificate Authority
Use this page to delete a trusted CA (Certificate Authority) certificate:
Step 1Select Users and Identity Stores > Certificate Authorities.
The Trust...

    Page 225

    Page 225 8-73 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 8 Managing Users and Identity Stores Configuring Certificate Authentication Profiles Related Topic Overview of EAP-TLS, page B-6 Exporting a Certificate Authority To export a trust certificate: Step 1Select Users and Identity Stores > Certificate Authorities. The Trust Certificate List page appears with a list of configured certificates. Step 2Check the box next to the certificates that you want to export. Step 3Click... 
    8-73
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 8      Managing Users and Identity Stores
  Configuring Certificate Authentication Profiles
Related Topic
Overview of EAP-TLS, page B-6
Exporting a Certificate Authority
To export a trust certificate:
Step 1Select Users and Identity Stores > Certificate Authorities.
The Trust Certificate List page appears with a list of configured certificates.
Step 2Check the box next to the certificates that you want to export.
Step 3Click...

    Page 226

    Page 226 8-74 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 8 Managing Users and Identity Stores Configuring Certificate Authentication Profiles To create, duplicate, or edit a certificate authentication profile: Step 1Select Users and Identity Stores > Certificate Authentication Profile. The Certificate Authentication Profile page appears. Step 2Do one of the following: Click Create. Check the check box next to the certificate authentication profile that you want to duplicate,... 
    8-74
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 8      Managing Users and Identity Stores
  Configuring Certificate Authentication Profiles
To create, duplicate, or edit a certificate authentication profile:
Step 1Select Users and Identity Stores > Certificate Authentication Profile.
The Certificate Authentication Profile page appears.
Step 2Do one of the following:
Click Create.
Check the check box next to the certificate authentication profile that you want to duplicate,...

    Page 227

    Page 227 8-75 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 8 Managing Users and Identity Stores Configuring Identity Store Sequences Configuring Identity Store Sequences An access service identity policy determines the identity sources that ACS uses for authentication and attribute retrieval. An identity source consists of a single identity store or multiple identity methods. When you use multiple identity methods, you must first define them in an identity store sequence, and... 
    8-75
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 8      Managing Users and Identity Stores
  Configuring Identity Store Sequences
Configuring Identity Store Sequences
An access service identity policy determines the identity sources that ACS uses for authentication and 
attribute retrieval. An identity source consists of a single identity store or multiple identity methods. 
When you use multiple identity methods, you must first define them in an identity store sequence, and...

    Page 228

    Page 228 8-76 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 8 Managing Users and Identity Stores Configuring Identity Store Sequences Step 2Do one of the following: Click Create. Check the check box next to the sequence that you want to duplicate, then click Duplicate. Click the sequence name that you want to modify, or check the check box next to the name and click Edit. The Identity Store Sequence Properties page appears as described in Ta b l e 8 - 2 2. Table 8-22 Identity... 
    8-76
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 8      Managing Users and Identity Stores
  Configuring Identity Store Sequences
Step 2Do one of the following:
Click Create.
Check the check box next to the sequence that you want to duplicate, then click Duplicate. 
Click the sequence name that you want to modify, or check the check box next to the name and click 
Edit.
The Identity Store Sequence Properties page appears as described in Ta b l e 8 - 2 2.
Table 8-22 Identity...

    Page 229

    Page 229 8-77 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 8 Managing Users and Identity Stores Configuring Identity Store Sequences Step 3Click Submit. The Identity Store Sequences page reappears. Related Topics Performing Bulk Operations for Network Resources and Users, page 7-8 Viewing Identity Policies, page 10-21 Managing Internal Identity Stores, page 8-4 Managing External Identity Stores, page 8-22 Configuring Certificate Authentication Profiles, page 8-73 Deleting... 
    8-77
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 8      Managing Users and Identity Stores
  Configuring Identity Store Sequences
Step 3Click Submit.
The Identity Store Sequences page reappears. 
Related Topics
Performing Bulk Operations for Network Resources and Users, page 7-8
Viewing Identity Policies, page 10-21
Managing Internal Identity Stores, page 8-4
Managing External Identity Stores, page 8-22
Configuring Certificate Authentication Profiles, page 8-73
Deleting...

    Page 230

    Page 230 8-78 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 8 Managing Users and Identity Stores Configuring Identity Store Sequences Managing Internal Identity Stores, page 8-4 Managing External Identity Stores, page 8-22 Configuring Certificate Authentication Profiles, page 8-73 Creating, Duplicating, and Editing Identity Store Sequences, page 8-75 
    8-78
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 8      Managing Users and Identity Stores
  Configuring Identity Store Sequences
Managing Internal Identity Stores, page 8-4
Managing External Identity Stores, page 8-22
Configuring Certificate Authentication Profiles, page 8-73
Creating, Duplicating, and Editing Identity Store Sequences, page 8-75
    Start reading Cisco Acs 5x User Guide

    Related Manuals for Cisco Acs 5x User Guide

    All Cisco manuals