Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2231
Views
0
Helpful
5
Replies

Unable to import ca pairs key on ise node via cli

Go to solution
MaErre21325
Level 1
Level 1

‎06-10-2022 05:58 AM - edited ‎06-10-2022 06:00 AM

Hello guys,

 

i deployed a new node on my ise environment and i'm trying to import the ca key pairs from my repository via cli but i receive this error:

 

"Certificate files import from Repo failed, please verify repository settings"

 

this is very strange because doing a "show repository [repository name]" i can see all the file stored in it and this repository was used to export the ca key pairs, so i can understand the problem.

i've already stopped services and reloaded the node with no results...
The name of the ca key pairs is :"ise_ca_key_pair,  i've already changed it but had the same output.
Do you have any tip?

In attachment the screenshot of what i receive.

Ise version is 2.7 patch 7

 

Thank you

Regards

 

Preview file
197 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
MaErre21325
Level 1
Level 1

‎01-18-2023 07:22 AM

the problem was that the exported certicate was in a wrong format, i changed its type and the import wa successful

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Arne Bier
VIP
VIP

‎06-12-2022 05:36 PM - edited ‎06-12-2022 05:55 PM

Hi @MaErre21325 

 

I am curious, why are you importing the CA key pairs into this new node?  Is this for a BYOD deployment?

 

Did you enable the debug level 7 on the CLI before attempting the import?  This debug generally is useful for any file transfer issue. Perhaps your issue is not file transfer related.

 

debug transfer 7

 

When you view the repo with the show repo command, does that work?

 

regards

Arne

0 Helpful

Go to solution
MaErre21325
Level 1
Level 1
In response to Arne Bier

‎06-13-2022 12:32 AM

Hi @Arne Bier ,

this new node will work as PAN and MNT, yes we have BYOD enviroment that is managed by another node (dedicated PSN).

when i view my REPO throgh the show repository command it works correctly and i'm able to see every file in the REPO.

i'll do the debug asap and let you know,

 

thanks

regards

0 Helpful

Go to solution
MaErre21325
Level 1
Level 1

‎06-14-2022 02:36 AM

hello @Arne Bier ,

 

i've repeated the import with the debug activated, i'm able to access the repository, but it still fails with only this message:

 

Certificate files import from Repo failed, please verify repository settings

 

no additional information from the debug.

 

Thank you

Regards

0 Helpful

Go to solution
Arne Bier
VIP
VIP
In response to MaErre21325

‎06-14-2022 03:31 PM

I can't say I have ever used this successfully. Just for a laugh, I exported the stuff on a lab node (successful export) and then tried importing the same data back into the node - and it failed. So I don't know what the reason for that might be. 

 

Open a TAC case. Let them help you and fix this if it's broken code.

0 Helpful

Go to solution
MaErre21325
Level 1
Level 1

‎01-18-2023 07:22 AM

the problem was that the exported certicate was in a wrong format, i changed its type and the import wa successful

0 Helpful
Customers Also Viewed These Support Documents