09-28-2017 02:58 PM
I have used the End Points Certificate to successfully get a cert plus key, however the default root CA used to generate the client certificate (Certificate Services Endpoint Sub CA) has a key length of 4096 bits. Unfortunately our devices have a 2048-bit key limit on loaded certs - since we are using EAP-TLS the devices need to be loaded with both root cert and client cert. Is it possible to change the default root cert used to generate the client cert from the API POST call??
Solved! Go to Solution.
10-24-2017 05:40 PM
it does not appear to be an option as of ISE 2.3:
I will submit this suggestion to the PM.
10-24-2017 05:40 PM
it does not appear to be an option as of ISE 2.3:
I will submit this suggestion to the PM.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide