Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
607
Views
4
Helpful
3
Replies

API /system-certificate/export throws could not prepare statement erro

Go to solution
prathwishhegde
Level 1
Level 1

‎05-22-2023 06:55 AM - edited ‎05-22-2023 09:04 PM

The Above Post API response from the Cisco ISE v3.1.0.518 is not consistent. Out of 6 tries 1 API request is failing with the below exception. (Same API test with same payload)

 

2023-05-22 13:53:31,914 ERROR [openapi-http-pool8][] com.cisco.epm.ssl.SSLManagerFactory -::::- Error in creating trust manager factory
com.cisco.cpm.edf2.na.EDFNetworkDeviceException: org.hibernate.exception.GenericJDBCException: could not prepare statement
at com.cisco.cpm.infrastructure.certmgmt.helpers.CertMgmtEDFHelper.getAllTrustCerts(CertMgmtEDFHelper.java:38)
at com.cisco.cpm.infrastructure.certmgmt.im.TrustCertificate.getAllTrustCertificates(TrustCertificate.java:29)
at org.apache.tomcat.util.net.jsse.IseTrustStoreLoader.getAllTrustCerts(IseTrustStoreLoader.java:116)

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Arne Bier
VIP
VIP

‎05-22-2023 01:24 PM

Normally when asking a question on these forums, we don't just dump a long list of errors and expect an answer. You might start with a simple intro and some commands (if you expect others to try it on their systems to see if they can also see the same error). 

And what version of ISE etc.

If it's a software defect on a production system you should also open a TAC case (if you haven't already done so.)

View solution in original post

Go to solution
Greg Gibbs
Cisco Employee
Cisco Employee
In response to prathwishhegde

‎05-22-2023 11:14 PM

I'm unable to replicate any issues with the '/api/v1/certs/system-certificate/export' POST API call in my ISE 3.1 patch 6 instance.

I tried with both export options..
"export": "CERTIFICATE_WITH_PRIVATE_KEY" (specifying the password key/value)
"export": "CERTIFICATE"

I executed the API call 10 times in a row with both export option and the response for each iteration was 200 OK. I tested using both Postman and the built-in Swagger UI with the same results.

If you're running the latest patch, you will likely need to open a TAC case to investigate further.

View solution in original post

3 Replies 3

Go to solution
Arne Bier
VIP
VIP

‎05-22-2023 01:24 PM

Normally when asking a question on these forums, we don't just dump a long list of errors and expect an answer. You might start with a simple intro and some commands (if you expect others to try it on their systems to see if they can also see the same error). 

And what version of ISE etc.

If it's a software defect on a production system you should also open a TAC case (if you haven't already done so.)

Go to solution
prathwishhegde
Level 1
Level 1
In response to Arne Bier

‎05-22-2023 09:05 PM

@Arne Bier  The Above Post API response from the Cisco ISE v3.1.0.518 is not consistent. Out of 6 tries 1 API request is failing with the exception shared above. (Same API test with the same payload)

0 Helpful

Go to solution
Greg Gibbs
Cisco Employee
Cisco Employee
In response to prathwishhegde

‎05-22-2023 11:14 PM

I'm unable to replicate any issues with the '/api/v1/certs/system-certificate/export' POST API call in my ISE 3.1 patch 6 instance.

I tried with both export options..
"export": "CERTIFICATE_WITH_PRIVATE_KEY" (specifying the password key/value)
"export": "CERTIFICATE"

I executed the API call 10 times in a row with both export option and the response for each iteration was 200 OK. I tested using both Postman and the built-in Swagger UI with the same results.

If you're running the latest patch, you will likely need to open a TAC case to investigate further.

Customers Also Viewed These Support Documents