Solved: Re: Cisco ISE 3.3p3 - repository with PKI auth is not working

Sven Hruza · ‎09-24-2024

Hello,
I updated a ISE deployment from version 3.2p4 to 3.3p3.
For backup I use a SFTP server with PKI authentication. This repository worked with the old version, but is not with the new one.
I checked the host_key, added all new and added also the exported public key from the ISE server into the SFTP server (again).

But if I try to verify the repository, I get the error message, that I should reconfigure the password.
"Repository validation failed due to error - . In case Backup was restored on different setup, please re-configure the repository passwords (Expected behaviour)"

I configured the repo in the Web GUI. In the CLI it looks okay. Port 22 is also reachable, I get a prompt if I do a ssh to the server.

!
repository sftp-server
url sftp: //sftp-server/backup/ise
user ise-backup rsa-public-key
!

Any ideas? Thanks in advance!

Sven Hruza · ‎09-25-2024

Thanks for the hint with the bug.

It turned out, that something on the SFTP server side was wrong.
That means, it is working now.

But the error message, that the user/password is wrong, is a little bit unlucky if you don't use a user/password.

Thanks anyway!

View solution in original post

marce1000 · ‎09-25-2024

- FYI : https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa35638
Check Workaround:

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Sven Hruza · ‎09-25-2024

Thanks for the hint with the bug.

It turned out, that something on the SFTP server side was wrong.
That means, it is working now.

But the error message, that the user/password is wrong, is a little bit unlucky if you don't use a user/password.

Thanks anyway!