Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3557
Views
10
Helpful
7
Replies

ISE 2.6 Alarms: Certificate Expired

Go to solution
PradeepkumarPalani2405
Level 1
Level 1

‎04-29-2020 03:38 AM

On the ISE Dashlet started seeing the below alarm even though the node was removed long ago.

 

We have tried restarting the Application ISE but no luck.

 

Please input is there a way to flush the cache?

 

 

InkedALarm_LI.jpg

1 person had this problem
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to PradeepkumarPalani2405

‎04-30-2020 05:38 AM

If the GUI doesn't expose the expired trusted certificate you should open a TAC case. They can install the root patch and go into the cli shell to manually remove the object(s) from the database. I recently had to do the same for an LDAP identity source.

View solution in original post

7 Replies 7

Go to solution
Mike.Cifelli
VIP Alumni
VIP Alumni

‎04-29-2020 05:09 AM

If that certificate is no longer in use you can remove it from ISE by going to Administration->System->Certificate Management->Trusted Certificates. HTH!
0 Helpful

Go to solution
PradeepkumarPalani2405
Level 1
Level 1
In response to Mike.Cifelli

‎04-30-2020 12:19 AM

@Mike.Cifelli  Thanks for your response, unfortunately the certs are not listed under Administration->System->Certificate Management->Trusted Certificates.

 

So I thought I try to restart the Application ISE but the did not help!

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to PradeepkumarPalani2405

‎04-30-2020 05:38 AM

If the GUI doesn't expose the expired trusted certificate you should open a TAC case. They can install the root patch and go into the cli shell to manually remove the object(s) from the database. I recently had to do the same for an LDAP identity source.

Go to solution
PradeepkumarPalani2405
Level 1
Level 1
In response to Marvin Rhoads

‎05-04-2020 05:20 AM

@Marvin Rhoads wrote:

If the GUI doesn't expose the expired trusted certificate you should open a TAC case. They can install the root patch and go into the cli shell to manually remove the object(s) from the database. I recently had to do the same for an LDAP identity source.

Thanks for your valuable input, appreciates.

0 Helpful

Go to solution
Surendra
Cisco Employee
Cisco Employee

‎05-04-2020 07:24 AM

You might want to look at Administration > System > Certificates > Trusted Certificate store. Looks like it’s a certificate in there that has expired.
0 Helpful

Go to solution
PradeepkumarPalani2405
Level 1
Level 1
In response to Surendra

‎05-13-2020 07:07 AM

It doesn't have the certificate under trusted certificate store, however I opened a TAC case to delete the cert through root access, will keep you posted.

Go to solution
Jetpack
Level 1
Level 1
In response to PradeepkumarPalani2405

‎10-28-2020 11:00 AM

I was wondering if the TAC case resolved this?

0 Helpful
Customers Also Viewed These Support Documents