11-28-2022 01:36 AM
hello all,
i need to apply self signed certificate to DNA, Cisco Support Tac dose not recommeded
any idea?
11-29-2022 04:32 AM
any update?
12-23-2022 09:50 PM
the process you described is to add the self signed certificate to trusted certificate store so that browser will not throw the cert error, that is not really much of security.
If you don't have a PKI infrastructure, just use default cert, it will still allow you to do all integrations with DNAC like ISE, adding devices for management etc. Since your browser do not trust Cisco default signed cert you will continue to get the error message.
Cisco recommends assigning cert before DNAC is in production because if a connection is lost between managed device and DNAC for some reason (such as a power outage or reboot), network devices will need to establish trust with the new CA before connections can be established.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide