cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

180
Views
5
Helpful
0
Replies
rchaseling
Participant

Renew CAPF Certificate in Mixed Mode & NAC environment

Hi,

Wondering if anyone has experience regenerating a self signed CAPF cert in a ISE/NAC environment?

 

We have the CAPF cert uploaded to ISE to authenticate the phones on the network. I'm reading what happens when you re-generate the the CAPF cert and I believeit resets all the IP Phones......my concern would be that the phones might not re-register back until we have the new CAPF cert uploaded to NAC ....... and worse case scenario will time out trying to register before we get the new cert uploaded.

 

If anyone has an tips or gotchas experienced regenerating the CAPF in Mixed Mode using NAC it would be appreciated

 

My plan is

  • Regenerate CAPF on Pub - followed by all subs (not saure why its required on subs but it appears to be in the guides)
  • Upload new CAPF to ISE
  • Update CTL File on pub using command "utils CTL update CTLFile"
  • Restart CUCM service on all nodes
  • Restart CAPF service on Pub
  • Restart TVS on all subscribers one at a time
  • Restart TFTP service
  • Reset all IP Phones

Thanks

 

0 REPLIES 0
Create
Recognize Your Peers
Content for Community-Ad