Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
191
Views
0
Helpful
1
Replies

Cisco ISE Authentication with Subject-CN?

Go to solution
chrismes
Level 1
Level 1

‎10-19-2025 02:29 AM - edited ‎10-19-2025 02:31 AM

ISE version 3.2.0.542

Trying to Authenticate a device with EAP-TLS, but the device does not offer SAN fields for CSR.
I just have the basic-fields.
I've tried to set ISE checking the Subject-CN of the certificate, but it seems ISE still searching for SAN and shows error "22047 User name attribute is missing in client certificate".

22070 Identity name is taken from certificate attribute
22047 User name attribute is missing in client certificate - Subject Alternative Name
22002 Authentication complete
22057 The advanced option that is configured for a failed authentication request is used
22061 The 'Reject' advanced option is configured in case of a failed authentication request
12507 EAP-TLS authentication failed

Any suggestions?
Thanks.
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
chrismes
Level 1
Level 1

‎10-19-2025 02:35 AM

Oh, now I see, there is "option" configured which is set to SAN.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
chrismes
Level 1
Level 1

‎10-19-2025 02:35 AM

Oh, now I see, there is "option" configured which is set to SAN.

0 Helpful
Customers Also Viewed These Support Documents