Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1472
Views
5
Helpful
3
Replies

ISE 2.7 EAP Certificate

jrmildren
Level 1
Level 1

‎09-09-2020 06:56 PM

I am deploying ISE 2.7. For the EAP certificate is it possible to use a publicly signed certificate then import the same certificate into all of the PSNs? This would simplify things and eliminate devices that are not part of the domain from seeing an untrusted certificate warning. 

0 Helpful
3 Replies 3

Colby LeMaire
VIP Alumni
VIP Alumni

‎09-09-2020 08:16 PM

That is actually the recommended approach but the certificate has to be a wildcard certificate.  Ensure the Subject/Common Name (CN) is set to one of the ISE nodes' FQDN and then use the wildcard as a SAN DNS Name such as *.mycompany.com.  The Subject/CN cannot be a wildcard or Windows clients will complain.

jrmildren
Level 1
Level 1
In response to Colby LeMaire

‎09-10-2020 04:34 AM

Thank you for the reply.  The CN would be ise.xyz.local and the wildcard in the SAN would be *.xyz.com.  Will this work?

0 Helpful

Colby LeMaire
VIP Alumni
VIP Alumni
In response to jrmildren

‎09-10-2020 06:55 AM

That is correct!

0 Helpful
Customers Also Viewed These Support Documents