Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1427
Views
1
Helpful
2
Replies

MAC address type when issuing Sever Certificate in Provisioning Portal

Go to solution
Lucas Woo
Level 1
Level 1

‎04-27-2022 06:20 PM

Hello,

As you see a title, I have to enter MAC address before issuing Server Certificate in Certificate Provisioning.

ise_mac.jpg

 

However I don`t know what type of MAC address I have to enter.

Is it MAC address of virtual server? or of physical server?

Do I need to enter correct MAC address value when importing certificate into server?

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Arne Bier
VIP
VIP

‎05-02-2022 01:33 PM

This field should contain the MAC address of the devices that this certificate will be installed on - e.g. if it's a mobile device (laptop) connecting via wifi, then it's the wifi MAC address. It serves as an additional security check to ensure that the cert belongs to the intended device.

It's a bit of an outdated security concept now because MAC addresses are mostly randomised when they connect to different SSIDs, and also MAC addresses can be spoofed. But putting any valid MAC address there is ok - you can choose to not check it during ISE Authorization. In other words, just ignore checking the MAC address if you don't care about it. But the cert creation process requires some valid MAC address to be there.

View solution in original post

2 Replies 2

Go to solution
Arne Bier
VIP
VIP

‎05-02-2022 01:33 PM

This field should contain the MAC address of the devices that this certificate will be installed on - e.g. if it's a mobile device (laptop) connecting via wifi, then it's the wifi MAC address. It serves as an additional security check to ensure that the cert belongs to the intended device.

It's a bit of an outdated security concept now because MAC addresses are mostly randomised when they connect to different SSIDs, and also MAC addresses can be spoofed. But putting any valid MAC address there is ok - you can choose to not check it during ISE Authorization. In other words, just ignore checking the MAC address if you don't care about it. But the cert creation process requires some valid MAC address to be there.

Go to solution
Lucas Woo
Level 1
Level 1
In response to Arne Bier

‎05-04-2022 02:30 AM

@Arne Bier 
Thank you for your reply and this helped me a lot.

I understand solutions about this.

0 Helpful
Customers Also Viewed These Support Documents