cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

399
Views
0
Helpful
1
Replies
Highlighted
Beginner

How to generate manually a Certificate from ISE CA ?

Hello,

We run ISE 1.4.0.253

Our ISE is set as Certificate Authority (Administration > System > Certificates).

Usually Endpoints obtain certificates automatically from Certificate Templates.

I would like to generate manually a Certificate from ISE Certificate Authority, to insert it manually into a special support/OS (as WinPE).

Do you know how can I generate this Certificate from ISE Certificate Authority?

Do there have a direct/simple way?... or do I have to create a dedicated Certificate Templates, and use an endpoint (as Windows PC) to generate automatically a Certificate, them export this Certificate from this endpoint and insert it manually into a special support/OS (as WinPE)?

Regards,

Chris

Everyone's tags (1)
1 REPLY 1
Cisco Employee

Hello Chris-

Hello Chris-

The feature that you are looking for is available in ISE but in version 2.0 and above. In ISE 2.0 a Certificate Provisioning Portal:

http://www.cisco.com/c/en/us/td/docs/security/ise/2-0/release_notes/ise20_rn.html#pgfId-591323

The Certificate Provisioning portal allows employees to request certificates for devices that cannot go through the onboarding flow. For example, devices such as point-of-sale terminals cannot go through the BYOD flow and need to be issued certificates manually. The Certificate Provisioning portal allows a privileged set of users to upload a certificate request for such devices, generate key pairs (if required), and download the certificate. Employees can access this portal and request for a single certificate or make a bulk certificate request using a CSV file.

I hope this helps!

Thank you for rating helpful posts!