08-01-2019 07:13 AM
After upgrading to v2.6 on primary node, Certificate Authority Service is running well. While on secondary node, Certificate Authority Service cannot initiate.
In v2.4, Certificate Authority Service was running well on both nodes.
ISE PROCESS NAME STATE PROCESS ID -------------------------------------------------------------------- Database Listener running 2608 Database Server running 119 PROCESSES Application Server running 11194 Profiler Database running 5251 ISE Indexing Engine running 13422 AD Connector running 19174 M&T Session Database running 5013 M&T Log Processor running 11417 Certificate Authority Service initializing EST Service not running SXP Engine Service disabled Docker Daemon running 6395 TC-NAC Service disabled
We have tried restarting the application many times (stop/start), but same result.
We tried this
https://community.cisco.com/t5/identity-services-engine-ise/error-message-quot-est-service-not-running-quot-since-upgrade-to/td-p/3484698
But customer does not have Plus License to generate CSR. (EST service is also not running).
Solved! Go to Solution.
08-06-2019 10:32 AM
Please try recreating and engaging our ISE ESC team, if needed. CSCvj11319 is not a known issue for ISE 2.6.
ISE Plus licenses are not required to run ISE CA services, as to support session exchanges via pxGrid for Cisco subscribers.
08-06-2019 10:32 AM
Please try recreating and engaging our ISE ESC team, if needed. CSCvj11319 is not a known issue for ISE 2.6.
ISE Plus licenses are not required to run ISE CA services, as to support session exchanges via pxGrid for Cisco subscribers.
12-20-2019 09:54 AM
Actually, Plus license is required for internal CA between two ISE nodes. Unfortunately, that does not solve this problem.
03-26-2020 03:27 AM
So regenerating the ISE root cert will solve the issue?
Will regenereating the cert impact the registration of the 2 ISE node?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide