Cisco NAC Appliance - Certificate installation
Immediately after being issued, your SSL certificate will be sent to you by email. It is also possible to download the certificate from the Control Panel. The file containing the certificate will have the same name as the domain name it is meant for (for example: www_sslcertificaten_nl.crt).
If root and intermediate certificates also need to be installed, they must be combined into one file.
Combining root and intermediate certificates
Merging root and intermediate certificates can be done as follows:
- Open the certificate belonging to your website in a simple text editor (for example Notepad, not Word).
- Save the root certificate using a different name, for example: thawte_ca_bundelbestand.crt.
- Move the cursor to the beginning of the first line in the root certificate and press Enter once, creating an empty line at the top of the file.
- Copy the entire contents of the intermediate certificate, including all lines and dashes. Paste the contents below the contents of the domain certificate. Your file should now have the following structure:
-----BEGIN CERTIFICATE-----
AaP1uE34iLAeNV6hIAi9MBe2OUYGNtAOLdDH9uIO/D5HJS6OFMtB43VOAB9NXaogsEKgSk
(More encrypted data intermediate certificatet)
<tEd2DbNsGOj/7ISaHSS4OVeJA8LDhI2BN
-----END CERTIFICATE----------BEGIN CERTIFICATE-----
FIgsmeogSe49gskg0932nsSERKGS39/ssekSEgusgngSETGKJwei3nEKSGXssNvozwjZ32
(More encrypted data root certificate)
sSF20gs30FSBOSVMZLI39sSkenSIDGLEs
-----END CERTIFICATE-----
Note: Comodo PositiveSSL certificates include a second intermediate certificate. The second intermediate certificate should be pasted between the root and the first intermediate certificate, using the same structure as shown in the example above. - Save the file.
Certificate Installation
- Open the certificate somewhere where Cisco NAC can access it.
- Open the Administration Module, open the CCA Manager and click the SSL Certificate tab under Clean Access Manager.
- Choose Import Certificate from the drop down menu at the top.
- Nest to Certificate File, click Browse, select the stored certificate and click Upload. Please Note: The Cisco NAC does not support file names with spaces.
- Click on Browse again, choose the combined root and intermediate certificate file (if applicable) and click on Upload again.
- Click on Verify and install uploaded certificates to finish the installation.
All necessary steps to install your web server certificate have now been completed. Please make sure to adequately secure your certificate files, and to store a backup of your private key and web server certificate in a safe location. You should also install the root and intermediate certificates. Check whether the certificate is correctly installed with the SSLCheck and ensure an optimal configuration with these tips and settings.
Please do not hesitate to contact us if you encounter problems or error messages.
SSLCheck
Our SSLCheck will examine your website's root and intermediate certificates for correctness and report any potential issues