Solved: Re: Guest Portal Certificate Error only on Android Devices in ISE 2.4 patch 7 or later

ajtm · ‎07-16-2019

ISE 2.4 patch 7, 8 or 9

Guest Portal with wildcard certificate signed by public CA (COMODO) - everything works fine in IOS devices and Windows browsers (Chrome, Firefox, IE...) but in Android devices we receive untrusted certificate error.

ISE 2.4 patch 5 or 6

Everything works fine in all tested platforms and browsers.

Jason Kunst · ‎07-16-2019

please open a tac case as this is a break fix and needs to be root caused, a bug open, etc
https://community.cisco.com/t5/security-documents/how-to-ask-the-community-for-help/ta-p/3704356

View solution in original post

scott.stapleton · ‎07-18-2019

More info: https://community.cisco.com/t5/cisco-bug-discussions/cscut26025-doc-ise-certificate-chain-is-not-being-send-till/m-p/3879470

View solution in original post

Jason Kunst · ‎07-16-2019

please open a tac case as this is a break fix and needs to be root caused, a bug open, etc
https://community.cisco.com/t5/security-documents/how-to-ask-the-community-for-help/ta-p/3704356

ajtm · ‎07-17-2019

I will do that. Only a small correction, it is patch 8 or later, patch 7 works fine.

scott.stapleton · ‎07-18-2019

I'm also hitting this issue on Android and Chrome, 2.4 patch 9.

I'll be interested to hear what you find.

scott.stapleton · ‎07-18-2019

More info: https://community.cisco.com/t5/cisco-bug-discussions/cscut26025-doc-ise-certificate-chain-is-not-being-send-till/m-p/3879470

ajtm · ‎07-19-2019

CSCvp75207 workaround is working fine but I’m afraid of the security consequences.