Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2424
Views
5
Helpful
3
Replies

Internal certificates settings and CA Certificates

Go to solution
SMD28316
Level 1
Level 1

‎03-10-2021 04:00 AM - edited ‎03-10-2021 04:20 AM

I have the Internal certificates settings disabled, if I enabled them, do I need to regenerate new self-signed certs for the CA certificates?

I can't find anything in the documentation.

1 Accepted Solution

Accepted Solutions

Go to solution
Filip Po
Level 1
Level 1

‎03-10-2021 05:17 AM

Hello,

do you mean when you enable Certification Authority in your ISE environment?

If yes, then all your self-signed certificates remain usable and valid.

But at the moment you will start using the ISE Certification Authority it's recommended to generated new certificates and use them in your environment (Admin, Portals, EAP, BYOD, etc.).

 

My recommendation is for Admin and portal use internal AD CA, if possible. Than all your secured services will be accessible and valid from AD infrastructure even without importing an ISE root CA certificate.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎03-10-2021 04:02 AM

If the Cert is Valid it should work as expected, so check the Validity - before enabling.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
SMD28316
Level 1
Level 1
In response to balaji.bandi

‎03-10-2021 04:57 AM

Thank you for your reply, I meant Internal certificates settings not the Internal certificates themselves

0 Helpful

Go to solution
Filip Po
Level 1
Level 1

‎03-10-2021 05:17 AM

Hello,

do you mean when you enable Certification Authority in your ISE environment?

If yes, then all your self-signed certificates remain usable and valid.

But at the moment you will start using the ISE Certification Authority it's recommended to generated new certificates and use them in your environment (Admin, Portals, EAP, BYOD, etc.).

 

My recommendation is for Admin and portal use internal AD CA, if possible. Than all your secured services will be accessible and valid from AD infrastructure even without importing an ISE root CA certificate.

0 Helpful
Customers Also Viewed These Support Documents