10-05-2022 12:59 AM
We have a current certificate chain with a root certificate and an intermediate certificate that expires in two months.
In our case, we do not use the internal PKI that is built into ISE, but an external PKI where the root and intermediate certificates come from.
Until the expiration of current certificates, we would like to add a new root and intermediate certificate, but issued by the same chain(root and intermediate).
Since the certificates in the "new chain" are going to be issued from the old ones, in our case it will have the same CN. We have no way to change that.
We would therefore need to see if the new root and intermediate certificates can be imported and coexist with the old ones, despite the same CN (common name).
Is it possible to have installed two different certificates(root and intermediate), but with the same CN in Cisco ISE 2.6 update 10? If it doesn't work, is it supported in a newer version of ISE?
Solved! Go to Solution.
10-05-2022 05:36 AM
Yes this should work fine in my experience (as long as you are talked about the Trusted Certificates store).
10-05-2022 05:36 AM
Yes this should work fine in my experience (as long as you are talked about the Trusted Certificates store).
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide