Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
528
Views
0
Helpful
1
Replies

Re-generating CSR for MNT node

nayashai@cisco.com
Cisco Employee
Cisco Employee

‎09-12-2017 02:23 AM

Hi Team,

I have deployed internal signed certificates for Primary MNT, Secondary MNT, Primary PxGrid and Secondary PxGrid Nodes. I used the pxGrid CA template for signing the requests to pxGrid nodes and webserver template for MNT nodes. After i had a discussion with pxGrid TME, he told me to use the pxGrid template for MNT nodes for successful pxGrid setup. The error/issue i am getting here when i tried to generate a new CSR for the MNT nodes, it is throwing an error. And i tried to delete the existing CSR signed certificate from system certificate tab. And one more point, i raised the previous CSR requests from the cluster and not while in standalone node. Screen Shot 2017-09-12 at 2.50.09 PM.pngScreen Shot 2017-09-12 at 2.52.08 PM.png

0 Helpful
1 Reply 1

hslai
Cisco Employee
Cisco Employee

‎09-12-2017 09:00 AM

Are you unable to add O or OU field to make the CSR not conflicting with the existing one(s)? That should have worked.

That is, each system certificate in ISE needs a unique "Subject", which combining CN, O, OU, etc. And, we can't delete a certificate that is in-use as a protection for referential integrity.

0 Helpful
Customers Also Viewed These Support Documents