cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4546
Views
0
Helpful
8
Replies

Secondary ISE cannot join the primary node with error message

Mountain Man
Level 1
Level 1

Hi,

I have just installed the secondary ISE and did the followings, but when I try to join the primary node, I received the Cannot authenticate the primary ISE, please check the server or certificate and try again.

- promote the secondary from standalone to primary

- export self cert from the seconary

- import the cert to the primary

- try to add not on the secondary used both IP and host name with super admin user

One thing I have noticed that the instruction on the ISE 1.1.1 import cert on primary section mentioned:

  1. Choose Administration > System > Certificates.
  2. From the Certificate Operations navigation pane on the left, click Certificate Authority Certificates.

but the Certificat Authority Certificates does not exist on the left pane. I choosed Certificate store instead

ise.png

any suggestions?

1 Accepted Solution

Accepted Solutions

Hi,

Did you set the secondary node to primary? You may have tried to register the node in the wrong direction. For a node to register with the primary node, the registration request must be initiated from the primary node.

Thanks,

Tarik Admani
*Please rate helpful posts*

View solution in original post

8 Replies 8

edondurguti
Level 4
Level 4

I've seen that order to be different on the cert guide aswell.

Make sure that the admin password matches

Yes. Admin password is match. I have also tested to using a different super admin user created on both system. none of them working

do you have both certs on the primary node as of right now?

if you go to

Administration > System > Certificates

choose Certificate Store

what do you see there?

.

Yes. I have two certs there, one is local/primary the other one is imported from the secondary

I'm sorry, you do or don't see two certs there?

I tried to add the cert from primary and imported it into the secondary. Run add note again, get different error:

Unable to register primary_host. Node is not a Standalone node.

Hi,

Did you set the secondary node to primary? You may have tried to register the node in the wrong direction. For a node to register with the primary node, the registration request must be initiated from the primary node.

Thanks,

Tarik Admani
*Please rate helpful posts*

Thanks,  Tarik:  that's It.