How do I create a Personal Certificate for EAP-TLS using CiscoSecure ACS?
The following outlines the generation of a Personal Certificate for EAP-TLS using version 4.01 of CiscoSecure ACS and a Certificate Authority (CA) both of which are running on the same Windows 2003 server. Any Windows PC with Internet Explorer may be used to generate and retrieve the certificate from the CA. In this example, the certificate is then installed on the client, an HP iPAQ running Windows Mobile v5.0. Detailed Steps: 1. Generate the certificate From the IE browser on the PC browse to the CA. Then: Select “Request a certificate” Select “advanced certificate request” Select “Create and submit a request to this CA” Provide a name that matches a valid username account on the ACS Server. Then: Select “Client Authentication Certificate” Select Key Size of 1024 Check “Mark keys as exportable” Accept all other defaults Click on “Submit” Select “Yes” when prompted with “Potential Scripting Violation…Do you want to request a certificate now?” Select “Install this certificate”. Select”