cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
180
Views
35
Helpful
3
Replies

Replace certificate for admin portal

Hi,

 

I would like som clarification about certificates in DNAC 2.2.3.4.

How can I replace the certificate for the admin-portal?

Under System/Settings/Trust & Privacy/Certificates there is a button to replace certificate. Is this certificate only for the admin portal? 

DNAC is integrated with ISE and I have multiple switches and WLC in fabrics and I can see that DNAC has issued certificates to all those devices. So I am scared that if I replace the certificate it will break communication between DNAC and all the devices.

 

Regards

Philip

3 REPLIES 3
Flavio Miranda
Advisor

Hi

 For admin portal (HTTPS) you have to replace the certificate in System/Settings/System Certificate

 

I just got word from Cisco that if I replace the certificat under System Certificate DNAC will need to push new certificates to all network devices. So that does not only change the cert for the DNAC GUI.

That's correct. This certificate is used for more than just the DNAC GUI. The management of northbound API applications and network devices is done via this cert. Once a new certificate is installed, by default DNAC will propagate this cert to all the devices in Inventory. You may need to do a “resync” on devices in the inventory to get them back into the managed state.