11-11-2021 11:48 PM
Dear community,
As part of the ISE Posture with AnyConnect, I have imported the Root certificate to all domain hosts via GPO.
However, am still getting a Certificate error of untrusted server, when AnyConnect tries to talk to ISE appliance during posture process. The ISE is signed by the same Root Cert which is imported in the Trusted Authority in the hosts computers. And that certificate is checked to be used for portals also. However, I did not import this certificate in all of the hosts of the domain. And only Root is imported.
So my question is as following:
Should I also import the ISE certificate into this Trusted Authority in order to remove this error?
The guides are quite hard to decipher on this specific information.
Thank you,
Laura
Solved! Go to Solution.
11-15-2021 05:18 AM
Should I also import the ISE certificate into this Trusted Authority in order to remove this error?
-Please also import the intermediate certificate into the respective trust store on the client that is also a part of the chain. Test, and see if your result changes
Out of curiosity, are you using NAM or native supp.?
11-15-2021 05:18 AM
Should I also import the ISE certificate into this Trusted Authority in order to remove this error?
-Please also import the intermediate certificate into the respective trust store on the client that is also a part of the chain. Test, and see if your result changes
Out of curiosity, are you using NAM or native supp.?
11-16-2021 11:56 PM
I imported the ISE Certificate, however, this time, a Self Signed one, an the error went away.
Am using Cisco AnyConnect as an agent in the supplicant hosts.
Thank you,
Laura
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide