Renewing SAML Certs in Distributed ISE Environments

neil.woodhouse
Level 1

Self-signed SAML certificates have expired on all ISE nodes. Whilst SAML is not currently in use in the environment, the alerts are somewhat irritating.

I try to generate a new self-signed SAML cert and it creates fine on the Primary Admin Node, but I receive the following error in the GUI:


Certificate was added but failed to replicate to the following nodes.

DC1-PD-ISE-P02

DC1-PD-ISE-P03

DC1-PD-ISE-P04

DC2-PD-ISE-P01

DC2-PD-ISE-P02

DC2-PD-ISE-P03

DC2-PD-ISE-P04

 

If anyone has any advice?

 

Thanks

2 Replies

hslai
Cisco Employee

AFAIK only the primary ISE node needs a valid system certificate for SAML.

It seems you are hitting an old issue, CSCuz59219. The bug might not be visible to you for another day or two, as its release-note enclosure was not flagged properly and I just changed it.

Unfortunately I still have "Insufficient Permissions to View Bug"

 

Thanks

 

Neil