02-24-2022 12:56 AM
Hi,
I would like som clarification about certificates in DNAC 2.2.3.4.
How can I replace the certificate for the admin-portal?
Under System/Settings/Trust & Privacy/Certificates there is a button to replace certificate. Is this certificate only for the admin portal?
DNAC is integrated with ISE and I have multiple switches and WLC in fabrics and I can see that DNAC has issued certificates to all those devices. So I am scared that if I replace the certificate it will break communication between DNAC and all the devices.
Regards
Philip
02-24-2022 03:57 AM
Hi
For admin portal (HTTPS) you have to replace the certificate in System/Settings/System Certificate
02-25-2022 06:41 AM
I just got word from Cisco that if I replace the certificat under System Certificate DNAC will need to push new certificates to all network devices. So that does not only change the cert for the DNAC GUI.
02-26-2022 04:13 AM
That's correct. This certificate is used for more than just the DNAC GUI. The management of northbound API applications and network devices is done via this cert. Once a new certificate is installed, by default DNAC will propagate this cert to all the devices in Inventory. You may need to do a “resync” on devices in the inventory to get them back into the managed state.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide