Hi, I have exactly the same issue error message, after running this connectivity over a long period. My DNAC is 2.2.2.9, my ISE is 2.7 Patch 2. I checked the whole config again and startet the services new, but get still the message. Anyone have some hints?

We got this action Plan from TAC: We discovered in Logs, that a Certificate was missing in DNAC from the Chain of Trust so after that, the issue was fixed:

Also, please proceed with the below action:

-restart the pxgrid and network-design services from the DNA cli using the below commands:
magctl service restart --hard pxgrid

magctl service restart --hard network-design

-Then on two sessions, please execute the below two commands:
on the first session:
magctl service logs -rf network-design | lql > /home/maglev/networkdesignlogs

on the second session:

magctl service logs -rf pxgrid | lql > /home/maglev/pxgridlogs

- Then please proceed with the integration again.
After the integration, please stop the logging that we run on both sessions by “ctrl+c” and provide me with the files that will be placed under home/maglev/ files name: networkdesignlogs and pxgridlogs

In the Log there was this line:

| 751 | Caused by: com.cisco.apicem.commonsettings.service.exception.ISETrustException: PRIMARY Certificate is UNTRUSTED

So we imported all the CA Certificates from the PKI which signed the Admin Certs and all was good.

Cisco should update there documentation, because in the linked Deployment Guides there nothing about that trust.

The restart of the service pxgrid and network-design solved my issue. I did not had to change the certificates because there wasn't an "UNTRUSTED" message in the log. 

Many thanks @Martin Grimm 

Great to read that. So service restart is a solution too. @pranav: how did you solve the problem? I think this thread can be marked as "Solved".