02-23-2015 02:29 PM - edited 03-10-2019 10:29 PM
We just renewed our public cert, which I installed on my ISE nodes. I have attempted to delete the expired cert, but get various errors and cannot delete them. I did not see any related bug. Ideas?
Errors on the PSNs
I am not sure how I change the portal configuration?...
Error on the PANs
02-23-2015 07:35 PM
Before a certificate can be deleted, all of its current tasks/functions must be assigned to another certificate. So you should first:
- Import your new cert
- Edit the cert and assign the EAP Authentication and Portal Certificate Group Tag that you are currently using to it.
- Then go back and delete the old certificate
Thank you for rating helpful posts!
02-24-2015 01:53 PM
What if I have a cert whose functions I no longer want assigned to a particular ISE node? For example, when we originally setup the primary PAN, we assigned the cert Portal, EAP Authentication, and Admin functions.
We only want/need the Admin function for the PANs, so how do I get rid of the other functions?
thx
02-25-2015 04:59 PM
So you cannot disable EAP...You can decide to not use it in your ISE policies but the protocol is always there and it needs a certificate coupled to that function.
For the guest portal: You can delete all of the guest portal that you don't use and thus removing the need for that function.
To make things easier, you can just generate a self-signed cert and assign all of services that you are not using to it.
Thank you for rating helpful posts!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: