cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
495
Views
0
Helpful
5
Replies

EAP Authentication certificate expiry in CISCO ISE

poornakumar
Level 1
Level 1

Hi Team,

If we renew EAP authentication certificate is there any pop up will shown to accept or trust the certificate in endpoints. If it shows pop up is there any way to handle it.

1 Accepted Solution

Accepted Solutions

@poornakumar ensure EAP certificate is signed by a Certificate Authortiy that is trusted by the client computer, meaning the root CA certificate is in the trust certificate store of the client computer, then replacing the EAP certificate would not cause a pop-up and would be transparent to the users.

View solution in original post

5 Replies 5

@poornakumar ensure EAP certificate is signed by a Certificate Authortiy that is trusted by the client computer, meaning the root CA certificate is in the trust certificate store of the client computer, then replacing the EAP certificate would not cause a pop-up and would be transparent to the users.

Thanks for the reply

check this Note

MHM

Screenshot (850).pngScreenshot (851).png

JPavonM
VIP
VIP

All of this works for Windows but not MacOS, as the new certificate must be inside the wirless profile, and that may trigger a pop up window requesting explicit Trust from the end user.

Actually today P1 raised for this issue.We have extended the certificate validity of the old self signed certificate but endpoint doesnt trust that certificate. But TAC mentioned like the existing certfiicate will get automatically renew. but it is not working as expected. So as a resolution we go for external CA. Issue got fixed within 10 min but it create a big issue.