Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
457
Views
0
Helpful
2
Replies

There is no admin certificate in the secondary ise.

CCC3
Level 1
Level 1

‎09-13-2023 09:32 PM - edited ‎09-13-2023 09:34 PM

 I checked because it wasn't authenticated with secondary ISE.
The admin certificate was missing.

The exact history of when it ceased to exist is not known.

Are there any similar cases related to this?
You need to check whether you just need to issue an admin certificate to the secondary.

And when I tried to reproduce the symptom, I couldn't forcefully delete the admin certificate.

Is it possible to reproduce the symptoms?

 

* ISE version : 2.7 patch 4

Labels:
Preview file
185 KB
0 Helpful
2 Replies 2

Milos_Jovanovic
VIP Alumni
VIP Alumni

‎09-19-2023 06:15 AM

Hi @CCC3,

Is there a scroll bar somewhere?

I've never seen certificate disappearing. However, I could even imagine that something happens with the certificate for whatever reason. What I can't imagine is that Admin or EAP roles disappear from your ISE node. They must be present to ISE node, which are not visible on your screenshot. You must be able to see those roles, and what certificate is attached to those roles.

Kind regards,

Milos

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame

‎09-19-2023 10:47 AM

An ISE node should not be able to run without an Admin certificate. If it got corrupted somehow the deployment would not be healthy as inter-node replication requires a trusted certificate on each node for it's Admin functions. I would either rebuild the node or open a TAC case.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card