Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1317
Views
0
Helpful
4
Replies

ISE 2.1 self signed certificates - Renew

sadowski271
Level 1
Level 1

‎02-25-2019 03:00 AM - edited ‎02-25-2019 03:01 AM

hi all!

I do not find anything in any manulas regarding certificate on ISE server and renew option in self-signed cert(only import the new one is described). Currently I do not use  any internal or external CA. current self-signed cert will be not valid in few weeks and I would like to extend it for next year. When I did a change and put in renew field 1 year - I see that inside system certifcates the valid date is changed and the same after export and import that new one to Trusted certicates store on ISE Server. but when I log in i see that in browser old certificates still exist. Is it neccessary to restart the ISE application ?

I have a distributed deployment 2xAdmin 2 x monitor 2x PSN

thx for help !!

 

 

0 Helpful
4 Replies 4

Rob Ingram
VIP
VIP

‎02-25-2019 04:59 AM

Hi,
When replacing the Admin certificate the ISE application server service would inform you that service will be restarted, it does this itself when you click Yes/Ok. If you navigate to Administration > Certificates > System Certificates does it confirm the new certificate is "Used By" "Admin"? If not then the new certificate has not been bound to that role.

If the new certificate is "Used By" "Admin" then potentially the browser just needs refreshing.

HTH
0 Helpful

sadowski271
Level 1
Level 1
In response to Rob Ingram

‎02-25-2019 05:08 AM

Hi

it is used by Admin role. What i have done is use the renewal option for self-signed certificate. After clicking "save" ISE didn't restart but Expiration date for certificates used for Admin role has changed

0 Helpful

NaujEl
Level 1
Level 1
In response to sadowski271

‎06-02-2024 09:24 PM

Hi,

Apologies for the delay. Did this option work for you?

0 Helpful

ahollifield
VIP
VIP
In response to NaujEl

‎06-03-2024 05:26 AM

This is a very old post from a long EOL version of Cisco ISE.  I would highly suggest starting a new post for your issue.  https://www.cisco.com/c/en/us/products/collateral/security/identity-services-engine/bulletin-c25-741732.html

0 Helpful
Customers Also Viewed These Support Documents