Subject: | |
From: | |
Reply To: | |
Date: | Wed, 9 Jul 2008 13:41:32 -0700 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Hey Kurt (and all) -
Thanks - that's just what I was afraid I was going to have to do. I'll
set up a change management period for it now... Sigh...:) Thanks!
- Sean
----
Sean Hennessey
Networking and Information Security Systems Administrator
The University of Portland
-----Original Message-----
From: Cisco Clean Access Users and Administrators
[mailto:[log in to unmask]] On Behalf Of Kurt Huenemann
Sent: Wednesday, July 09, 2008 1:31 PM
To: [log in to unmask]
Subject: Re: Cert Question
Sean,
These are the instructions from Cisco TAC that worked for us last time
we renewed our certs. Maybe something here will help you?
====================
1) From CAM web console, manage the CAS, go to the Certs section and
export the current private key, then the certificate.
Save this somewhere safe.
2) During a maintenance window, generate a new temporary certificate for
the CAS using the UI. Please make sure that you fill all the fields
correctly. Once the new certificate is generated, export the new
private key and a CSR (certificate signing request).
3) During the same maintenance window, import back the old private key,
and certificate, verify and upload the cert and restart the CAS (service
perfigo restart or reboot whichever is easier).
4) Send the CSR obtained in step#2 for signing. Once you receive the
signed cert back, perform step #3 except with the new private key and
the newly received signed cert. And restart the CAS.
=======================
Kurt
|
|
|