Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
599
Views
0
Helpful
2
Replies

Cannot establish trust with Cisco ISE:

ozan2
Level 1
Level 1

‎09-15-2023 03:56 PM

Cannot establish trust with Cisco ISE: Expected phrase [Trust establishment completed successfully] wasn't received from ise.

DNAC is using a self signed cert with both of its VIP and cluster IP in the SAN field with the extended parameters.

ISE is using the default certificates of pxgrid signed by its intermediate and root CA.

-> I've imported both of these - the intermediate and root certs into DNAC's trustpool.

Do I also need to import DNAC's certificate into ISE's trustpool? 

 

I do not have a dedicated PKI and I am going in circles trying to get this trust established. Any help would be much appreciated. 

Labels:
0 Helpful
2 Replies 2

ozan2
Level 1
Level 1

‎09-15-2023 04:41 PM

I've regenerated the self signed certificate of DNAC with CA constraints and now I am past the errors. However - I do not see any acti

ozan2_1-1694821295360.png

Any help would be much appreciated. Thank you.

 

ve requests in ISE.

 

ozan2_0-1694821273656.png

 

 

 

0 Helpful

ammahend
VIP Alumni
VIP Alumni

‎09-15-2023 08:30 PM

did you follow the steps here

-hope this helps-
0 Helpful
Customers Also Viewed These Support Documents