04-27-2022 06:20 PM
Hello,
As you see a title, I have to enter MAC address before issuing Server Certificate in Certificate Provisioning.
However I don`t know what type of MAC address I have to enter.
Is it MAC address of virtual server? or of physical server?
Do I need to enter correct MAC address value when importing certificate into server?
Solved! Go to Solution.
05-02-2022 01:33 PM
This field should contain the MAC address of the devices that this certificate will be installed on - e.g. if it's a mobile device (laptop) connecting via wifi, then it's the wifi MAC address. It serves as an additional security check to ensure that the cert belongs to the intended device.
It's a bit of an outdated security concept now because MAC addresses are mostly randomised when they connect to different SSIDs, and also MAC addresses can be spoofed. But putting any valid MAC address there is ok - you can choose to not check it during ISE Authorization. In other words, just ignore checking the MAC address if you don't care about it. But the cert creation process requires some valid MAC address to be there.
05-02-2022 01:33 PM
This field should contain the MAC address of the devices that this certificate will be installed on - e.g. if it's a mobile device (laptop) connecting via wifi, then it's the wifi MAC address. It serves as an additional security check to ensure that the cert belongs to the intended device.
It's a bit of an outdated security concept now because MAC addresses are mostly randomised when they connect to different SSIDs, and also MAC addresses can be spoofed. But putting any valid MAC address there is ok - you can choose to not check it during ISE Authorization. In other words, just ignore checking the MAC address if you don't care about it. But the cert creation process requires some valid MAC address to be there.
05-04-2022 02:30 AM
@Arne Bier
Thank you for your reply and this helped me a lot.
I understand solutions about this.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: