Hi. I have a HUGE problem that i desperately need your help with. I have installed two ACS appliances to be used for IBNS and eventually for NAC. I want to use certificates to authenticate users. I have windows 2003 enterprise CA setup ( 3-tier). I use the issuing CA to generate the certificates. When i request and install the certificate that goes though without a problem. However when i got to global authentication and try to enable PEAP i get the following message:
Failed to initialize PEAP or EAP-TLS authentication protocol because CA certificate is not installed. Install the CA certificate using "ACS Certification Authority Setup" page
The certificate is installed.
I got a solution from a cisco rep here but it did not work the solution is listed below: Symptom: ACS appliance will not recognize the installed certificate.
Condition:
Cisco Security Agent is running.
- Install a certificate - GUI will report certificate as installed and validitiy OK.
- Enable PEAP
- Error appears:
Failed to initialize PEAP or EAP-TLS authentication protocol because CA certificate is not installed. Install the CA certificate using "ACS Certification Authority Setup" page.
Workaround: Disable Cisco Security Agent and repeat the installation procedure. It will succeed. Re-enable Cisco Security Agent.
I desperately need your help in solving this. I have no idea what else to try. Thanks in advance for your expertise.
Regards