Re-generating CSR for MNT node

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-12-2017 02:23 AM
Hi Team,
I have deployed internal signed certificates for Primary MNT, Secondary MNT, Primary PxGrid and Secondary PxGrid Nodes. I used the pxGrid CA template for signing the requests to pxGrid nodes and webserver template for MNT nodes. After i had a discussion with pxGrid TME, he told me to use the pxGrid template for MNT nodes for successful pxGrid setup. The error/issue i am getting here when i tried to generate a new CSR for the MNT nodes, it is throwing an error. And i tried to delete the existing CSR signed certificate from system certificate tab. And one more point, i raised the previous CSR requests from the cluster and not while in standalone node.
- Labels:
-
Identity Services Engine (ISE)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-12-2017 09:00 AM
Are you unable to add O or OU field to make the CSR not conflicting with the existing one(s)? That should have worked.
That is, each system certificate in ISE needs a unique "Subject", which combining CN, O, OU, etc. And, we can't delete a certificate that is in-use as a protection for referential integrity.
