09-07-2016 05:13 PM
Hi folks,
Is it posible to remove endpoint certificates generated by ISE internal CA?
Thanks,
Eric
Solved! Go to Solution.
09-08-2016 06:45 AM
Yes, you can revoke an endpoint cert by going to Administration > System > Certificates, choose Endpoint Certificates from the Left Menu. Select the cert you would like to revoke and click the X Revoke button.
Screenshot is from ISE 2.1
09-08-2016 06:45 AM
Yes, you can revoke an endpoint cert by going to Administration > System > Certificates, choose Endpoint Certificates from the Left Menu. Select the cert you would like to revoke and click the X Revoke button.
Screenshot is from ISE 2.1
11-02-2022 05:11 AM
Hi
If we are revoking the certificate the users are stil able to login.
We have gone to the internal ca and revoked the certificate but the device is still authenticating and getting on-board.
11-02-2022 02:34 PM
It sounds like ISE is not performing the revocation checks for some reason. I would suggest confirming the following:
If both of those are verified, you likely need to open a TAC case to investigate further.
09-08-2016 06:48 AM
You can revoke but not remove (delete)
09-08-2016 07:34 AM
Endpoint certificates will be removed 30 days after its expiry automatically. Revoked certificates will also be removed 30 days after expiry.
09-08-2016 10:48 AM
Thanks for the responses!
12-07-2018 12:18 AM
Hi howon,
How if the expired or revoke certificate to be retained or extend listed in endpoint certificate before automatically delete ?
08-03-2022 09:57 AM
so, what you saying if the certificate expire in 2 years, it will stay there for 2 years and 30 days before it is gone....WOW
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide