Solved: Trusted Certificates in ISE

santhoshkdhanapal · ‎10-12-2023

Hi All,

In Cisco ISE, I didn't generate neither CSR nor binding certificate. In trusted certificate store , I uploaded trusted certificate of intermediate CA. I got padlock symbol for GUI admin access and guest portal yet to implement.

Is this a security risk in infrastructure? Any suggestions I appreciate in advance.

Cheers,

Santhosh

Greg Gibbs · ‎10-12-2023

No. If you are not issuing a trusted CA-signed certificate for the Admin (or other functions), then ISE would be using self-signed certificates which are inherently insecure and difficult to manage across the environment.

View solution in original post

Greg Gibbs · ‎10-12-2023

How To Implement Digital Certificates in ISE

santhoshkdhanapal · ‎10-12-2023

Thanks @Greg Gibbs for sharing the resource link. However I gone through that link before. My concern( Is trusted certificate alone enough for ISE configuration ?)

Greg Gibbs · ‎10-12-2023

No. If you are not issuing a trusted CA-signed certificate for the Admin (or other functions), then ISE would be using self-signed certificates which are inherently insecure and difficult to manage across the environment.

Trusted Certificates in ISE

SEG: Validation Error : Certificates signature verification failed

Cisco ISE Certificate Change - Considerations and Best Practices

Zero Trust Access for Defined Internet Destinations

October 7, 2024: EOL for certificate-based Trust integrations

Renewing or Deleting ISE Data Connect Trusted Certificate