cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
77
Views
0
Helpful
1
Replies
Beginner

DNAC Certificate - Authority "Self Signed"

Hi! I am trying to import a certificate to DNAC signed by our internal RootCA. I have followed the guide, but, it is still "self signed" according to DNAC. Guide: https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/hardening_guide/b_dnac_security_best_practices_guide.html#d54e1532a1635

 

I have made a PEM file with "Signed Cisco DNA Center certificate + subordinate CA + RootCA" in it. I can load the cert in correctly, but if I query the API for cert validation: https://dnac.xxxx.se/api/v1/certificate/validate

Response from API: "[SAN check failed, Certificate not signed by trusted CA]"

 

Can I import the RootCA cert in some way to get DNAC to trust my internal RootCA?

dnac_cert_hidden.png

 

Everyone's tags (2)
1 REPLY 1
Highlighted
Cisco Employee

Re: DNAC Certificate - Authority "Self Signed"

Can you please open a TAC case for this so they can investigate?  If DNA Center indicated that your certificate was uploaded correctly, then it doesn't make sense that it isn't reflected by the system later on.

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards