02-19-2023 11:46 PM
I want to Install public certificate for ISE. and Endpoint must use local PKI certificate for authentication.
is it possible?
Solved! Go to Solution.
02-20-2023 12:43 AM
you are Awesome
02-20-2023 12:06 AM
@SAM1275 yes, you can use public certificate for EAP on ISE. As long as ISE has the internal root CA installed in ISE, then the client computers can use a certificate issued by the local CA to authenticate using 802.1X.
Obviously the client computers will need to trusted the public certificate use by ISE, but most computers will have the public root certificates installed as default.
02-20-2023 12:25 AM
Thanks for information.
Just 1 more information i would require.
do we require to host ISE on public network or without also possible?
02-20-2023 12:28 AM
@SAM1275 no ISE does not need to be hosted on a public network, ISE would be in your internal LAN.
02-20-2023 12:36 AM
Then how will get public certificate installed on ISE System for EAP authentication?
02-20-2023 12:40 AM
@SAM1275 The CA would require a public registered domain name in order to sign the certiifcate, however ISE does not need to be hosted in the public network.
You create a certificate signing request (CSR) give this to the public CA to sign and import to ISE.
02-20-2023 12:43 AM
you are Awesome
04-13-2023 07:45 AM
What should i fill in CN and SAN?
public domain, but in ise system ip domain configured with local domain name.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide