Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6519
Views
0
Helpful
4
Replies

Certificate for Guestportal (ISE)

lupingyao
Level 1
Level 1

‎06-02-2015 02:08 AM - edited ‎03-10-2019 10:46 PM

Hi,

 

Could someone tell me how to request one Certificate for Guestportal? I saw the cisco Documentation, they use wildcard, could I just use one SSL Certifcate for Guestportal or for sponsorportal? and How?

you can find the configuration in Attachment, what meaning about "Certifcate(s) will be used for Portal", is it for Guest, sponsor or both?

 

Labels:
Preview file
30 KB
0 Helpful
4 Replies 4

Venkatesh Attuluri
Cisco Employee
Cisco Employee

‎06-08-2015 03:02 AM

you can have different certificates installed which can be used for different functions. You can assign one certificate for portals usage and its for both guest and sponsor portals

0 Helpful

lupingyao
Level 1
Level 1
In response to Venkatesh Attuluri

‎06-11-2015 01:49 AM

Hi Venkatesh,

 

Thanks for your reply!

but there are different URL between the sponsor URL and the guest URL. So i do not know how can one certificate for 2 Portals(guest and sponsor)?

when i want one certificate just for the guest Portal then i should generate like Attachment?

 

another quest about the URL for guest Portal, why is the URL always the IP:8443.

how can I konfigure the URL:8443?

Preview file
19 KB
Preview file
10 KB
0 Helpful

Venkatesh Attuluri
Cisco Employee
Cisco Employee
In response to lupingyao

‎06-15-2015 02:15 AM

you can use portal group tag

The Portal group tag is used to tag certificates across the nodes in an ISE deployment with a common name. This makes it easier to configure what certificate to present for a Guest portal or Device portal on an ISE node by selecting a single Portal group tag instead of individually selecting a certificate per node.

For example, when generating wildcard or non-wildcard portal certificates for a Sponsor Portal enter a Portal group tag like "Sponsor Certs". Then select the ISE nodes to generate Certificate Signing Requests. After the CSRs have been signed and bound back to the original request, the certificates will be associated with the Portal group tag of "Sponsor Certs".
Inside the Sponsor Portal settings, select "Sponsor Certs" as the certificate to use. Then when a user connects to the Sponsor Portal on PSN1 for example, ISE will present the certificate tagged as "Sponsor Certs" on PSN1 to the portal user.

0 Helpful

lupingyao
Level 1
Level 1
In response to Venkatesh Attuluri

‎06-20-2015 08:10 AM

thanks Venkatesh.

I answer the question myself.

1. I use the command in CLI to change the URL IP to URL name, like 10.10.10.10:8443 to guestportal.test.com(ip hostname 10.10.10.10 gastportal.test.com)

2. I create the Certificate just for Portal and DNS name is guestportal.test.com!(not need the wildcard Certificate)

 

0 Helpful
Customers Also Viewed These Support Documents