topic Yes, you can import an SSL in Network Access Control https://community.cisco.com/t5/network-access-control/ise-csr-using-openssl/m-p/2849749#M36424 <P>Yes, you can import an SSL certificate and private key into ISE. Be sure you import the root CA certificate into the Trusted Certificates store first. Review&nbsp;the directions here, under <STRONG>Import a System Certificate</STRONG>,&nbsp;for more information:<BR /><BR /><A href="http://www.cisco.com/c/en/us/td/docs/security/ise/1-4/admin_guide/b_ise_admin_guide_14/b_ise_admin_guide_14_chapter_01000.html" target="_blank" title="Cisco ISE 1.4 Admin Guide - Managing Certificates">Cisco ISE 1.4 Admin Guide - Managing Certificates</A></P> <P>Are you using a wildcard? If so, the wildcard needs to be in the SAN. Use a generic name (e.g. aaa.domain.com) as the CN.</P> Fri, 29 Apr 2016 15:17:03 GMT Joseph Johnson 2016-04-29T15:17:03Z ISE CSR using OpenSSL https://community.cisco.com/t5/network-access-control/ise-csr-using-openssl/m-p/2849748#M36421 <P>Hi,</P> <P></P> <P>I would like to prepare CA-signed certificate for ISE before onsite. Can I using openSSL to generate CSR for ISE 1.4? Please let me know how to import private key and CA-signed certificate into the ISE. &nbsp;</P> <P></P> <P>Thanks in advance</P> Mon, 11 Mar 2019 06:43:16 GMT https://community.cisco.com/t5/network-access-control/ise-csr-using-openssl/m-p/2849748#M36421 james.song1 2019-03-11T06:43:16Z Yes, you can import an SSL https://community.cisco.com/t5/network-access-control/ise-csr-using-openssl/m-p/2849749#M36424 <P>Yes, you can import an SSL certificate and private key into ISE. Be sure you import the root CA certificate into the Trusted Certificates store first. Review&nbsp;the directions here, under <STRONG>Import a System Certificate</STRONG>,&nbsp;for more information:<BR /><BR /><A href="http://www.cisco.com/c/en/us/td/docs/security/ise/1-4/admin_guide/b_ise_admin_guide_14/b_ise_admin_guide_14_chapter_01000.html" target="_blank" title="Cisco ISE 1.4 Admin Guide - Managing Certificates">Cisco ISE 1.4 Admin Guide - Managing Certificates</A></P> <P>Are you using a wildcard? If so, the wildcard needs to be in the SAN. Use a generic name (e.g. aaa.domain.com) as the CN.</P> Fri, 29 Apr 2016 15:17:03 GMT https://community.cisco.com/t5/network-access-control/ise-csr-using-openssl/m-p/2849749#M36424 Joseph Johnson 2016-04-29T15:17:03Z