cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

99
Views
0
Helpful
0
Replies

Cisco NAC CAM & CAS SSL Certificates Expired

Hi, I'm running outdated and unsupported v.4.9.3 with an HA pair of CAMs and HA pair of CASs. Using basic captive portal for both guest unsecured and employee secured wireless authentication, along with MAC AUTH. I have been using two SSL certificates over the years, one for the NAC MGR communication and another for the captive portal(eg.captiveportal.mydomain.com). The SSL certificates expired and everything just stopped working. The CAM stopped talking with the CAS and the captive portal stopped working. 

 

I bought or renewed the certificates, installed the NAC MGR certificate on the CAM and now CAS and CAM are seeing each other. But my redundant CAM is still showing red or disconnected and under the failover section it says the peer CAM is DEAD. Also, even though the CAM and CAS see each other, none of the MAC AUTH clients are able to authenticate. 


Is there is a special procedure for installing SSL certificates if they expired? For example, do both certificates have to be installed on all 4 appliances? 


Thanks for any help you can provide.


Scott