ISE Portal not working after new Certificate - Page 2

Andreas Hoffmann · ‎09-26-2017

I am trying to replace the web certificate used for the Guest portal of my ISE ver 2.1.0.474; the current certificate was issued by the now deprecated StartSSL CA and thus needs to be replaced.

I generated a CSR with the valid domain name, exported it, and had it signed by a CA - with success.

I did a "bind certificate" - with success.

I edited the certifocate to select "Portal" as usage (with the Default = only group) - with success, that is: I accept the "portal will restart" message and after a few seconds, a toaster message that the certificate was successfully installed appears.

However, the portal is not working afterwards. Apparently, the web server restart does not work (nmap reports the port as closed). Switching back to the previous cert makes it work again.

What is wrong here?

Remark: The intermediate (Lets Encrypt X3) was already among the "Trusted Certificates"beforeI generated the CSR.

Cristian Matei · ‎10-29-2024

Hi,

Changing ISE certificate for web services / admin, does require an ISE application restart or box restart.

Best,

Cristian.

comenyi1 · ‎10-29-2024

For me it did. After replacing The certificate all of our guests traffic
was black holed. When I check the PSNs the portal was not listening on the
configured port changing the port numbers and changing it back to what
we've been using did not work until I restarted the application services on
the PSN