Sponsor Portal - Error on certificate

rchockeelopez
Level 1

Hi

I got a redirection with the sponsor portal, but it is giving me an error with the certificate of the sponsor.

My problem seems to be related to this link:

https://supportforums.cisco.com/discussion/12935021/ise-and-portals-certificate-management

Thanks for your help.

Regards

1 Accepted Solution

Jason Kunst
Cisco Employee

OK, what exactly is the issue? That thread is resolved.

Are you using the FQDN?

If so, you will need the sponsor portal FQDN in the SAN of the certificate. Also the certificate would either need to be associated with a well-known certificate provider (ex: Verisign, GoDaddy)

Have you looked at the guides?

How To: Implement ISE Server-Side Certificates

https://www.cisco.com/c/en/us/td/docs/security/ise/2-2/admin_guide/b_ise_admin_guide_22/b_ise_admin_guide_22_chapter_011…

@Jason Kunst 

My issue is similar. When a user types the FQDN of the sponsor portal (sponsor.mydomain.com), they sometimes get "NET::ERR_CERT_COMMON_NAME_INVALID". The only difference is that I use a wildcard cert. My wildcard cert is appended to all the PSNs via the Portal Group Tag. This issue only occurs on 2 out of 4 of my sponsor portals (some are on different deployments; same versions ISE 2.6 P3). Our wildcard cert is registered with DigiCert.

 

 


Please contact the TAC to troubleshoot then.

@Jason Kunst  I did. Didn't get a good answer or documentation.

 

The fix I applied was to include the portal FQDN and short name in the SAN. Then the error message goes away. I have several sponsor portals that run on different PSNs. Therefore you must swap out the certs on every PSN that is used as a sponsor portal.

 

Thanks,

Rey
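
Added example, not part of the original thread and not Cisco code: a Python check of which PSN certificates cover the portal names discussed above, so the ones needing a reissued certificate can be listed before users hit the browser error. It treats a wildcard as valid only as the whole left-most label, standing for exactly one label. The PSN names and SAN lists are constructed sample data; in practice they would be read from the certificate each PSN presents on its portal port.

```python
# Added example: audit which PSN certificates cover the sponsor portal names.
# All host names and SAN lists below are constructed sample data.

def san_matches(hostname: str, san: str) -> bool:
    """Return True if a dNSName SAN entry covers hostname.

    A wildcard is accepted only as the entire left-most label and stands
    for exactly one label, so *.mydomain.com covers sponsor.mydomain.com
    but not mydomain.com, a.b.mydomain.com, or the short name "sponsor".
    """
    host = hostname.rstrip(".").lower().split(".")
    pattern = san.rstrip(".").lower().split(".")
    if len(host) != len(pattern):
        return False
    if pattern[0] == "*":
        # Simplification: require two literal labels after the wildcard,
        # which also stops a bare "*" from matching a short name.
        return len(pattern) > 2 and host[0] != "" and host[1:] == pattern[1:]
    return host == pattern


def uncovered_names(required, san_list):
    """Names from required that no SAN entry in san_list covers."""
    return [n for n in required
            if not any(san_matches(n, s) for s in san_list)]


def audit(psn_sans, required):
    """Map each PSN to the portal names its certificate fails to cover."""
    return {psn: missing for psn, sans in psn_sans.items()
            if (missing := uncovered_names(required, sans))}


# Constructed: SAN entries of the certificate presented by each PSN.
PSN_SANS = {
    "psn1": ["*.mydomain.com", "sponsor.mydomain.com", "sponsor"],
    "psn2": ["*.mydomain.com"],           # wildcard only, no short name
    "psn3": ["psn3.mydomain.com"],        # no portal name at all
    "psn4": ["*.corp.mydomain.com"],      # wildcard one level too deep
}
# Names users type: the portal FQDN and its short name.
REQUIRED = ["sponsor.mydomain.com", "sponsor"]

if __name__ == "__main__":
    for psn, missing in audit(PSN_SANS, REQUIRED).items():
        print(f"{psn}: certificate does not cover {', '.join(missing)}")
```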