Cisco 7925G Administration Guide - Page 94
User Installed Certificate, To verify the MIC
UPC - 882658201943
View all Cisco 7925G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 94 highlights
Configuring Network Profiles Chapter 4 Using the Cisco Unified Wireless IP Phone 7925G Web Pages To verify the MIC, the Manufacturing Root Certificate and Manufacturing Certificate Authority (CA) Certificate must be exported from a Cisco Unified Wireless IP Phone 7925G and installed on the Cisco ACS server. These two certificates are part of the trusted certificate chain used to verify the MIC by the Cisco ACS server. To verify the Cisco ACS certificate, a trusted subordinate certificate (if any) and root certificate (created from a CA) on the Cisco ACS server must be exported and installed on the phone. These certificate(s) are part of the trusted certificate chain used to verify the trust of the certificate from the ACS server. User Installed Certificate To use a user installed certificate, a Certificate Signing Request (CSR) must be generated on the phone, sent to the CA for approval, and the approved certificate installed on the Cisco Unified Wireless IP Phone 7925G. During EAP-TLS authentication, the ACS server needs to verify the trust of the phone and the phone needs to verify the trust of the ACS server. To verify the authenticity of the user installed certificate, a trusted subordinate certificate (if any) and root certificate from the CA that approved the user certificate must be installed on the Cisco ACS server. These certificate(s) are part of the trusted certificate chain used to verify the trust of the user installed certificate. To verify the Cisco ACS certificate, a trusted subordinate certificate (if any) and root certificate (created from a CA) on the Cisco ACS server must be exported and installed on the phone. These certificate(s) are part of the trusted certificate chain used to verify the trust of the certificate from the ACS server. To install authentication certificates for EAP-TLS, perform the tasks listed in Table 4-6: Table 4-6 Installing the Certificate for EAP-TLS Task From For more information, see... 1. Set the Cisco Unified Cisco Unified Wireless IP Phone 7925G Setting the Date and Time, page 4-19 Communications Manager date and web page time on the phone. 2. If using the Manufacturing Installed • Cisco Unified Wireless IP Phone Exporting and Installing the Certificates Certificate (MIC): 7925G web page on the ACS, page 4-19 a. Export the CA root certificate and manufacturing CA certificate. • Internet Explorer • Microsoft Certificate Services Exporting the CA Certificate from the ACS Using Microsoft Certificate Services, page 4-20 b. Install certificates on the Cisco ACS server and edit the trust list. c. Export the CA certificate from the ACS server and import it to the phone. 4-18 Cisco Unified Wireless IP Phone 7925G Administration Guide for Cisco Unified Communications Manager 7.0(1) OL-15984-01