02-06-2019 11:42 AM
hi there i hope you are doing well
we are integration a ise 2.2 with splunk following this guide
but we are having problems with the integration it's giving us root certificate not trusted
how is the hierarchy in ise for this?
can be in the other way around, like they create a cert and we import that cert to ise with the privs for pxgrid?
02-06-2019 02:45 PM
As noted in the document, ISE admin node is the root CA. The ISE admin node is also a sub-CA (This is done to allow redundant ISE admin node to have single hierarchy). Then the PSN will be sub CA below admin node sub-CA. Any of the pxGrid client will be issued certificate by PSN (Or admin node with PSN persona). I suggest using this method as it will not require any changes to the ISE CA setup.
02-06-2019 03:03 PM
02-16-2019 09:03 AM - edited 02-16-2019 09:04 AM
They are individual certificates.
Go to ISE admin web UI > Administration > System > Certificates > Certificate Management > System Certificates
Select the system certificate used by pxGrid and click on the tool "View"
02-17-2019 01:41 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide