Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
840
Views
1
Helpful
4
Replies

Error when performing a GET API PostmanxISE - Self signed certificate

Go to solution
Jalmeida
Level 1
Level 1

‎04-07-2024 08:03 AM

Guys,
I hope you are well.

I need help understanding where I'm going wrong in my API lab.
I went to ISE, enabled ERS, and created the admin user and to access the API.

jardelalmeida_1-1712501788453.png

 

I followed all the authorization parameters and headers, however, I am receiving the error "Self signed certificate in certificate chain".

jardelalmeida_0-1712501453349.png

 

I followed the instructions, went to Postman, and pointed to the certificate, and I still get error 400. Has anyone ever encountered this error? Could you please help me understand how to solve it?

 

jardelalmeida_2-1712502035088.png

 

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Greg Gibbs
Cisco Employee
Cisco Employee
In response to Jalmeida

‎04-08-2024 03:47 PM - edited ‎04-08-2024 04:02 PM

In the Postman documentation for the Certificates settings, it states "To connect to an API that uses Mutual TLS (mTLS)..."

AFAIK, the ISE API does not support mTLS. There is some support for certificate-based API authentication from ISE 3.3, but I don't believe that is using mTLS.

In my lab, SSL Certificate Verification is turned off in both the global General settings as well as at the API call level and it works with no issues.

You can also find some example Postman collections for ISE here:
https://github.com/1homas/ise-postman-collections

 

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Greg Gibbs
Cisco Employee
Cisco Employee

‎04-07-2024 04:28 PM

You would either need to add the certificate files (including the private key) for the self-signed certificate or disable the certificate verification.

See this Postman document for more info.

Go to solution
Jalmeida
Level 1
Level 1
In response to Greg Gibbs

‎04-08-2024 09:33 AM

Hello @Greg Gibbs 

Thank you for the return. I uploaded a new certificate, I already added the path, and even though it doesn't report an error with https access, Postman continues to report the "Self signed certificate in certificate chain" problem. When I disable ssl it doesn't work

 

jardelalmeida_0-1712592842363.png

jardelalmeida_1-1712593978238.png

 

 

 

 

 

 

 

0 Helpful

Go to solution
Greg Gibbs
Cisco Employee
Cisco Employee
In response to Jalmeida

‎04-08-2024 03:47 PM - edited ‎04-08-2024 04:02 PM

In the Postman documentation for the Certificates settings, it states "To connect to an API that uses Mutual TLS (mTLS)..."

AFAIK, the ISE API does not support mTLS. There is some support for certificate-based API authentication from ISE 3.3, but I don't believe that is using mTLS.

In my lab, SSL Certificate Verification is turned off in both the global General settings as well as at the API call level and it works with no issues.

You can also find some example Postman collections for ISE here:
https://github.com/1homas/ise-postman-collections

 

0 Helpful

Go to solution
Jalmeida
Level 1
Level 1
In response to Greg Gibbs

‎04-08-2024 04:32 PM

Thank you for your feedback master. I'll read this article calmly, but the problem really is with postman.

jardelalmeida_0-1712618774098.png

I did it via curl and it worked.

jardelalmeida_1-1712618845903.png

 

I did it using Python with IDLE and it also worked, that is, it is a parameter in postman.

jardelalmeida_2-1712618919526.png

Anyway, thank you very much, it helped me a lot.

 

 

 

 

 

 

0 Helpful
Customers Also Viewed These Support Documents