02-11-2021 07:14 AM
I am getting the following alert for a cert that expired back in August. But I can't find the cert in my system certs, trusted certs, or internal CA. So I can't remove it to stop the alarm. I'm getting the same for my other nodes from ise-adm1.
Trust certificate 'Certificate Services Endpoint Sub CA - ise-psn1#00011' expired on Wed; 26 Aug 2020 : Server=ise-adm1
02-11-2021 07:53 AM
HI
I've had this exact same issue at the minute, had a call open with TAC
It looks like you Self Signed Certificate is expiring, just need to Generate Self Signing Certificate request for your route on you root CA.
Should reboot Nodes, but might and if it does it will be one at a time.
Can compare the certs under Certificate Authority Certificate
Hope this helps
02-18-2021 08:20 AM
I ended up working with TAC. Apparently its not uncommon to delete certs from the UI only to have them persist. They had to be removed from the CLI with root.
02-18-2021 02:07 PM
I just saw this on a customer deployment but had not dug in to it. Thanks for providing your resolution!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide