We too are moving from ipsCA. We have started using StartSSL certificates on our in house devices. We are using VeriSign for those systems that handle financial or sensitive information. StartSSL certs are free.
Ronald King Security Engineer http://security.nsu.edu -----Original Message----- From: Cisco Clean Access Users and Administrators [mailto:[email protected]] On Behalf Of Chidaushe, Mavhu Sent: Monday, August 22, 2011 12:52 PM To: [email protected] Subject: Re: SSL CA's We are currently using digicert and that works well for us. We too used to be on the IPSCA bandwagon but since that Root expiration fiasco we left them. Free had its price- headaches. Mavhu Chidaushe Communications Network Analyst University Networking Systems and Services South Dakota State University Old Horticulture #206a, Box 2231 Brookings, SD 57007 NOTICE: This message contains confidential information and is intended only for the addressee(s). If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately if you have received this e-mail by mistake and delete this e-mail from your system. Failure to do so may be a violation of South Dakota Codified Law and Federal Statutes. -----Original Message----- From: Cisco Clean Access Users and Administrators [mailto:[email protected]] On Behalf Of Kyle Torkelson Sent: Monday, August 22, 2011 11:43 AM To: [email protected] Subject: SSL CA's Does anyone use Network Solutions as a signing Certificate Authority for Cisco NAC 3355 and ACS 1121 boxes? I'm thinking of using them for 802.1X and Cisco NAC since IPSCA (who we currently use) isn't working well with my wireless 802.1X deployment on our 5508 controller. I'm kind of thinking I've waited long enough for IPSCA to get recognized my Mozilla, etc....I love that they are free but I'm finding in some cases it's more headache than what it's worth... Any other suggestions, I'll gladly take them...I just considered Comodo, GoDaddy, Thawte, Verisign but was hoping to get other feedback... Thanks Kyle
smime.p7s
Description: S/MIME cryptographic signature
