cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Choose one of the topics below for resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC!
We will not comment or assist with your TAC case in these forums.

145
Views
1
Helpful
2
Replies
Highlighted
Cisco Employee

ISE internal CA management

Is there any way to access/manage the ISE CA issued certificates via API/CLI? API seems to support just managing the Certificate template, but not the issued certificates.

Also, when ISE CA issues a certificate, is there any way to get a notification to an admin before the issued certificate expires?

Thanks in advance

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: ISE internal CA management

End Point Certificates API is there to create/issue certificates.

No notification to an admin before the issued certificates expire. However, we may redirect the sessions to a guest portal to go through BYOD again when the certificates are close to expire.

2 REPLIES
Cisco Employee

Re: ISE internal CA management

End Point Certificates API is there to create/issue certificates.

No notification to an admin before the issued certificates expire. However, we may redirect the sessions to a guest portal to go through BYOD again when the certificates are close to expire.

Cisco Employee

Re: ISE internal CA management

Please see the alarm section on Certificate expiration and endpoint certificate expiry for details.

You can configure Alarms in ISE to send a notification (Administration>System>Settings-->Alarm Settings), edit the alarm, go to alarm configuration or alarm notification to send email/syslog notification when these are generated.

Those are the only options available in ISE, as Hsing pointed out I don’t think you have notifications before endpoint certificate expiry however for general deployment certificate expiration we have options.

In your authorization policy you can also create authorization conditions with Days to expiry and redirect to a portal

-Krishnan

CreatePlease to create content
Ask the Expert- Webex Hybrid Services Solutions