Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
796
Views
0
Helpful
2
Replies

ISE Profiler - Check certificate issuer value

jif0x
Level 1
Level 1

‎07-19-2022 02:20 AM - edited ‎07-19-2022 02:23 AM

Hello all,

Is it possible to use the certificate "Issuer" value for profiling?

On the endpoints Attribute page, I see the following fields:

IssuerCN=ExampleIssuingCA\,DC=example\,DC=local
Issuer - Common NameExampleIssuingCA
Issuer - Domain Componentexample, local

What do I need to specify as Profiler Condition to reference that value?


0 Helpful
2 Replies 2

Arne Bier
VIP
VIP

‎07-19-2022 02:53 AM - edited ‎07-19-2022 03:10 AM

I don't believe you can construct a Profiler Rule that leverages Certificate attributes.

No option for that when building a Profiler Condtion

profiler-conditions.png

Another approach may be to simply perform the Cert checks in the Authorization, in combination with your existing Profiling Policies. Profiling is generally something that is gleaned prior to a TLS connection. 

0 Helpful

jif0x
Level 1
Level 1
In response to Arne Bier

‎07-19-2022 04:25 AM

Thanks, Arne. I'll try to configure that.
0 Helpful
Customers Also Viewed These Support Documents