I'm a little new to Cisco ISE and looking for guidance.
I have two EAP self signed certs for two different ISE servers that I'm using to authenticate wireless user's using PEAP.
Everything is working fine but I need to figure out how to manually push these certs to iPhones via Apple Configurator 2. When I export the self the signed certs out of ISE, they are presented to me in a .PEM format. When trying to use the Apple Configurator 2, it is asking for a PKCS1 or PKCS12 file format.
What do I need to do to get these self signed certs on the iPhones to be trusted?
I'll gloss over the part about self-signed certs because that is usually not a good way to do anything, other than for quick and dirty lab testing.
You can convert a cert in PEM format into DER format (aka PKCS1) using openssl - (the syntax varies by which version of OS you have it installed). Using Ubuntu it would go like this (where the input file is Defaultselfsignedservercerti.pem, and the output file is cert.cer)
openssl x509 -in Defaultselfsignedservercerti.pem -outform DER -out cert.cer
Every version of iOS may be different but the last time I had a look, you could email yourself a cert, and install that cert into the trust store. Then you select that cert and tell it that you want to trust it. It's a two step process.
Probably better done with an MDM if done at scale. Apple Configurator is great but not quite designed for mass deployment purposes.
After adding a WLC to ISE if you get the following error (See message below) after running debug aaa tacacs enable in the WLC. Incorrectly formatted authorization message Here's what you need to do to fix it. Login to ISE Work centers, Settings, Device ad...
Community Live- Understanding How Multicast Works with Cisco Wireless LAN Controllers
(Live event - formerly known as Webcast- Tuesday November 19, 2019 at 9 am Pacific/ 12 pm Eastern / 6 pm Paris)
This event will have place on Tuesday 19th, Novembe...
Where to download
Attached files on this post
Alternatively, cloud version (only summaries)
New implementation for the WLC Config Analyzer. it is a new re-write of the application, with clean up and improved checks
Support for IOS...
New Version for the Wireless Lan Config Analyzer: v.4.4.14
Supports AireOS up to 8.8, any model.
Error parsing AP list with location with spaces
For tool information: