Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4545
Views
0
Helpful
8
Replies

Secondary ISE cannot join the primary node with error message

Go to solution
Mountain Man
Level 1
Level 1

‎08-17-2012 08:20 AM - edited ‎03-10-2019 07:26 PM

Hi,

I have just installed the secondary ISE and did the followings, but when I try to join the primary node, I received the Cannot authenticate the primary ISE, please check the server or certificate and try again.

- promote the secondary from standalone to primary

- export self cert from the seconary

- import the cert to the primary

- try to add not on the secondary used both IP and host name with super admin user

One thing I have noticed that the instruction on the ISE 1.1.1 import cert on primary section mentioned:

  1. Choose Administration > System > Certificates.
  2. From the Certificate Operations navigation pane on the left, click Certificate Authority Certificates.

but the Certificat Authority Certificates does not exist on the left pane. I choosed Certificate store instead

ise.png

any suggestions?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Tarik Admani
VIP Alumni
VIP Alumni
In response to Mountain Man

‎08-17-2012 08:58 AM

Hi,

Did you set the secondary node to primary? You may have tried to register the node in the wrong direction. For a node to register with the primary node, the registration request must be initiated from the primary node.

Thanks,

Tarik Admani
*Please rate helpful posts*

View solution in original post

0 Helpful
8 Replies 8

Go to solution
edondurguti
Level 4
Level 4

‎08-17-2012 08:37 AM

I've seen that order to be different on the cert guide aswell.

Make sure that the admin password matches

0 Helpful

Go to solution
Mountain Man
Level 1
Level 1
In response to edondurguti

‎08-17-2012 08:39 AM

Yes. Admin password is match. I have also tested to using a different super admin user created on both system. none of them working

0 Helpful

Go to solution
edondurguti
Level 4
Level 4
In response to Mountain Man

‎08-17-2012 08:41 AM

do you have both certs on the primary node as of right now?

if you go to

Administration > System > Certificates

choose Certificate Store

what do you see there?

.

0 Helpful

Go to solution
Mountain Man
Level 1
Level 1
In response to edondurguti

‎08-17-2012 08:44 AM

Yes. I have two certs there, one is local/primary the other one is imported from the secondary

0 Helpful

Go to solution
edondurguti
Level 4
Level 4
In response to Mountain Man

‎08-17-2012 08:49 AM

I'm sorry, you do or don't see two certs there?

0 Helpful

Go to solution
Mountain Man
Level 1
Level 1
In response to edondurguti

‎08-17-2012 08:54 AM

I tried to add the cert from primary and imported it into the secondary. Run add note again, get different error:

Unable to register primary_host. Node is not a Standalone node.

0 Helpful

Go to solution
Tarik Admani
VIP Alumni
VIP Alumni
In response to Mountain Man

‎08-17-2012 08:58 AM

Hi,

Did you set the secondary node to primary? You may have tried to register the node in the wrong direction. For a node to register with the primary node, the registration request must be initiated from the primary node.

Thanks,

Tarik Admani
*Please rate helpful posts*

0 Helpful

Go to solution
Mountain Man
Level 1
Level 1
In response to Tarik Admani

‎08-17-2012 09:18 AM

Thanks,  Tarik:  that's It.

0 Helpful
Customers Also Viewed These Support Documents