
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-01-2020 08:10 PM
Hi!
I am new in the ISE topic and I know there are differents kinds of certificate but I only get confused when I was looking information about each one of them.
Can someone help me please about what is the difference between these type of certificates?? or when we use each one of them :
-Server Certificate
-System Certificate
-ISE Certificate
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-02-2020 04:32 AM
Refer below link for clear understanding:
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-02-2020 12:16 AM
Server Certificates are certs used by ISE functions such as EAP encryption,
WebUI, DTLS encryption, etc.
System Certificates include the CA certs (root and intermediate) that are
used to generate and sign server certificates. This is required to complete
the certificate hierarchy of a server certificate. If the certificate chain
for a server certificate is broken, it won't function correctly.
ISE certificates that are certs generated by ISE internal CA. ISE can act
as CA server and generate/ sign certificates.
**** please remember to rate useful posts
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-02-2020 04:32 AM
Refer below link for clear understanding:
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-03-2020 08:47 AM
In my opinion, these are all the same. Depends on where you are seeing these being referred to. In the ISE GUI under Administration->System->Certificates, you will see a section for "System Certificates". These are all the certificates assigned to each ISE node. These are also considered server certificates. And could also be referred to as the ISE certificates. Again, depends on where you are seeing these terms used. Under the "System Certificates" section, you will see multiple certificates assigned to ISE and used for different purposes such as EAP, Admin, Portal, DTLS, etc.
If you then go to Administration->System->Certificates->Trusted Certificates, you will see all of the Certificate Authority (CA) certificates that ISE will trust. So if you have clients that will be authenticating to ISE using certificates that were issued by your organization's CA/PKI server, then you will need to have that server's Root CA and Intermediate CA certificates installed there and trusted for client authentication.
Hope that helps.
