cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Using ISE 2.2 Internal Certificate Authority (CA) to Deploy Certificates to Cisco Platform Exchange Grid (pxGrid) Clients

7975
Views
7
Helpful
1
Comments

This document is intended for Cisco Engineers, partners and customers using Cisco Identity Services Engine (ISE) 2.2 internal Certificate Authority (CA) for deploying Cisco platform Exchange Grid (pxGrid) certificates to pxGrid clients.  Using the ISE internal CA authority for deploying pxGrid client certificates eases certificate deployment by using ISE as the internal CA authority and not requiring an external CA server.

The ISE 2.2 internal CA generates certificates with or without certificate signing requests (CSR) and downloaded in Privacy Enhanced Mail (PEM) format or Public-Key Cryptography Standards (PKCS12) or Privacy Enhanced Mail (PEM) format.  Bulk download certificates can also be generated.

This document describes the procedure for configuring the ISE certificate provisioning portal and provides use-case examples for generating and issuing the pxGrid certificates for the following pxGrid clients:

  • Security solutions using java keystores (can be used for Splunk)
  • Cisco Firepower 6.2, 6.1
  • Stealthwatch 6.9
  • Cisco Web Security Appliance 9.0.1 build 162
Comments
Frequent Contributor

Thanks.