Cisco Secure Access Control Server Certificate Setup; Eap-Tls Setup - Cisco DX650 Administration Manual

Security for Voice Communications in WLANs
• EAP-TLS (Extensible Authentication Protocol–Transport Layer Security)
• PEAP-GTC (Protected Extensible Authentication Protocol–Generic Token Card) and PEAP-MSCHAPV2
(Protected Extensible Authentication Protocol–Microsoft Challenge Handshake Authentication Protocol
Version 2)
• CCKM (Cisco Centralized Key Management)
Note
• WEP (Wired Equivalent Protocol)
• Open
For more information about authentication methods, see the "Wireless Security" section in the Cisco Desktop
Collaboration Experience DX600 Series Wireless LAN Deployment Guide.

Cisco Secure Access Control Server Certificate Setup

Cisco Secure Access Control Server (ACS) is an authentication server that uses EAP-TLS and PEAP
authentication protocols and digital certification to ensure the protection and validity of authentication
information. For each EAP authentication method, certificates must be installed and correctly configured.
ACS certificates are configured in the ACS Certificate Setup page that is shown in the following figure.
Figure 9: ACS Certificate Setup

EAP-TLS Setup

The server certificate installation must adhere to the following guidelines:
1 Installation is performed using the Install ACS Certificate configuration page.
2 The certificate usually contains two files: server.pem and server_privatekey.crt with a private key password.
Cisco Desktop Collaboration Experience DX650 Administration Guide, Release 10.1(1)
88
CCKM can be optionally used with WPA/WPA2.