02-05-2019 01:21 PM
Hello folks,
I'm getting the attached error cert message/warning the moment I open up IE on Windows 10. I'm doing Posture with ISE 2.4.
The Switch pushes the redirect URL and AnyConnect pops-up an option to choose the browser i.e. either IE or Chrome.
When I open up IE, it shows this error message. This error is confusing to me, because ISE and the website in the image IE is automatically trying to open up, are both provisioned Certificates by the same Sub-CA.
Sub-CA and Root CA are Internal CAs, and are Trusted by IE in it's Certificate store as "Intermediate Certification Authorities" and "Trusted Root Certification Authorities" respectively.
How can I fix the it.
Appreciate the help.
Thanks
Ain
02-05-2019 01:28 PM
02-05-2019 01:28 PM
02-05-2019 03:52 PM - edited 02-05-2019 04:18 PM
Thank you. I mistakenly hit the Solution button. The problem is still there.
Found out that the website has wildcard in the CN field. I read in the documentation that microsoft doesn't support certificates with wildcards in the CN field, instead the cert can have wildcard in the SAN field.
BUT, this is not the problem, because when we browse internally to that website (without Posture/redirect), it doesn't throw any error message. Then Why it is sending a warning message upon redirect?
Thanks for your help.
Ain
02-05-2019 08:19 PM
02-06-2019 11:52 AM - edited 02-06-2019 11:57 AM
Attached are the Certs. One from the website (that endpoint automatically tries to go to upon URL Redirect) and the other one if from ISE.
Sorry had to mask the details little bit, but I hope you'll get the point.
Let me know if you need anything else.
Thanks for your help.
Ain
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide