Re: ISE Certificate not trusted for Admin access and Portal access

Drthrax · ‎03-12-2020

Hi ,

I am trying to make ISE's self signed certificate to be trusted by my computer for admin access and for portal redirection ( same certificate ) . I extracted the cert (.pem) and then I renamed it with extension .cer in order to be executed by my laptop. after installing it in trusted root . it is still not showing that the connection to the ISE admin portal is not secure .

kindly advise !

Colby LeMaire · ‎03-12-2020

When you get the error on the browser, you can look at what it is complaining about. But in general for certificates, clients look at the following things:

- Is the certificate valid and not expired?

- Was it issued by a Root CA that the client trusts?

- Does the IP that you are hitting translate (DNS) to the FQDN in the certificate or is there a Subject Alternative Name (SAN) that includes the FQDN or IP that you are hitting?

Those are some things that you can check.

Drthrax · ‎03-12-2020

- Is the certificate valid and not expired?
YES
- Was it issued by a Root CA that the client trusts?
No , But I installed that self-signed certificate from ISE and activated it on my PC so that it will be trusted

- Does the IP that you are hitting translate (DNS) to the FQDN in the certificate or is there a Subject Alternative Name (SAN) that includes the FQDN or IP that you are hitting?
I am using the IP of ISE to access its admin page ( still showing not secure ) , I tried adding a static dns resolution locally on my PC that resolves name to IP and still nothing ,
any thoughts ?