08-02-2024 06:28 AM
Hi,
I want to understand whether it's possible to deploy automatically, or to create a portal where the user can install, a certificate in the trusted root certification authority of their PCs.
The clients' PCs aren't in my Active Directory domain, so they are external.
I already had a policy that put the clients in a separate VLAN with ISE.
Thanks
08-02-2024 06:36 AM
@danielesquaranti in this scenario you could use the BYOD functionality of ISE, where the user can enrol and receive a certificate issued by ISE CA.
Cisco ISE BYOD guide has the information to configure - https://community.cisco.com/t5/security-knowledge-base/cisco-ise-byod-prescriptive-deployment-guide/ta-p/3641867#toc-hId--1521255055
08-05-2024 05:35 AM
Only for BYOD flows. However you should use an MDM to manage these external devices and use that MDM to push out the certificates, not ISE. What is the use-case for allowing unmanaged/unknown/external machines onto the protected network? What is the use-case for pushing certificates to unmanaged/unknown/external machines?