cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

678
Views
5
Helpful
6
Replies
Highlighted

ISE 2.6 Alarms: Certificate Expired

On the ISE Dashlet started seeing the below alarm even though the node was removed long ago.

 

We have tried restarting the Application ISE but no luck.

 

Please input is there a way to flush the cache?

 

 

InkedALarm_LI.jpg

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

If the GUI doesn't expose the expired trusted certificate you should open a TAC case. They can install the root patch and go into the cli shell to manually remove the object(s) from the database. I recently had to do the same for an LDAP identity source.

View solution in original post

6 REPLIES 6
Highlighted
VIP Engager

If that certificate is no longer in use you can remove it from ISE by going to Administration->System->Certificate Management->Trusted Certificates. HTH!
Highlighted

@Mike.Cifelli  Thanks for your response, unfortunately the certs are not listed under Administration->System->Certificate Management->Trusted Certificates.

 

So I thought I try to restart the Application ISE but the did not help!

Highlighted

If the GUI doesn't expose the expired trusted certificate you should open a TAC case. They can install the root patch and go into the cli shell to manually remove the object(s) from the database. I recently had to do the same for an LDAP identity source.

View solution in original post

Highlighted


@Marvin Rhoads wrote:

If the GUI doesn't expose the expired trusted certificate you should open a TAC case. They can install the root patch and go into the cli shell to manually remove the object(s) from the database. I recently had to do the same for an LDAP identity source.


Thanks for your valuable input, appreciates.

Highlighted
Cisco Employee

You might want to look at Administration > System > Certificates > Trusted Certificate store. Looks like it’s a certificate in there that has expired.
Highlighted

It doesn't have the certificate under trusted certificate store, however I opened a TAC case to delete the cert through root access, will keep you posted.