08-09-2016 02:35 PM - edited 07-05-2021 05:35 AM
Wondering if there will be a service disruption when I renew the certificates (not self signed, domain based CA), on Cisco ISE 1.21 running as Pri and secondary.
Should the secondary be renewed first or second?
08-10-2016 08:40 AM
Hello,
I've renewed Certs on our 1.4 servers last year and experienced zero down time. I did start with my secondary server just in case I ran into any issues.
here is the Cisco link for renewing certs http://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/116977-technote-ise-cert-00.html
I hope this helps ..
Please rate this if you can
08-10-2016 09:06 AM
Thanks for the reply.
I actually renewed them yesterday evening and did not see any downtime either, due to HA on ISE. If we did not have HA, I would have seen about a 5 minute outage as the ISE services has to restart after installing the new certs for HTTPS use.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide