ā10-19-2020 06:43 AM
Hi Experts,
Setup: ISE 2.6.0.156
I was able to restore the configuration and operational backup on second ISE standalone instance.
The certificate backup was done by exporting the certificates using CLI.
Now when I am trying to import the certificates of the first ISE instance from the repository I am getting this error below:
log4j:WARN No appenders could be found for logger (org.springframework.core.env.StandardEnvironment).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.
Inside Session facade init
Old Memory Size : 16266772
In the init method of PDPFacade
Time taken for NSFAdminServiceFactory to load1846
Certificates are not compliant. Try to export certificates and import again.
Operation aborted. CA keys file is not acceptable
Where can I find more details why this is being reported?
Has anyone faced this issue before and solved it?
Solved! Go to Solution.
ā12-01-2020 06:52 PM - edited ā12-01-2020 06:53 PM
After installed Patch 7 on ISE, I tried CA import via CLI again. And it succeeded.
log4j:WARN No appenders could be found for logger (org.springframework.core.env.StandardEnvironment).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.
Security Protocol list Start
Inside Session facade init
Old Memory Size : 32390220
In the init method of PDPFacade
Time taken for NSFAdminServiceFactory to load1027
Old Memory Size : 32390220
Import in progress...Old Memory Size : 32390220
The following 5 CA key pairs were imported:
-----snip-----
Stopping ISE Certificate Authority Service...
Starting ISE Certificate Authority Service...
NSS database for CA Service is ready
ISE CA keys import completed successfully
hth
ā10-19-2020 12:26 PM - edited ā10-19-2020 03:04 PM
making stuff simplier & assuming u try to assign system' certificate, r u able to do it via GUI?
P.S. remember more details may kill u :0)
ā11-20-2020 04:14 PM
I'm in the same situation and it seems we are hitting bug CSCvs47941
ā11-22-2020 09:12 PM
The bug details show that the issue is fixed in 2.6.0.156-Patch7, did you get a chance to patch it import certs via CLI?
ā12-01-2020 06:52 PM - edited ā12-01-2020 06:53 PM
After installed Patch 7 on ISE, I tried CA import via CLI again. And it succeeded.
log4j:WARN No appenders could be found for logger (org.springframework.core.env.StandardEnvironment).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.
Security Protocol list Start
Inside Session facade init
Old Memory Size : 32390220
In the init method of PDPFacade
Time taken for NSFAdminServiceFactory to load1027
Old Memory Size : 32390220
Import in progress...Old Memory Size : 32390220
The following 5 CA key pairs were imported:
-----snip-----
Stopping ISE Certificate Authority Service...
Starting ISE Certificate Authority Service...
NSS database for CA Service is ready
ISE CA keys import completed successfully
hth
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide