Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
586
Views
5
Helpful
2
Replies

Renewing certificate on ISE 1.21 in High Availability configuration

richard.smock
Level 1
Level 1

‎08-09-2016 02:35 PM - edited ‎07-05-2021 05:35 AM

Wondering if there will be a service disruption when I renew the certificates (not self signed, domain based CA), on Cisco ISE 1.21 running as Pri and secondary.

Should the secondary be renewed first or second?

Labels:
0 Helpful
2 Replies 2

d.friday
Level 4
Level 4

‎08-10-2016 08:40 AM

Hello,

I've renewed Certs on our  1.4 servers last year and experienced zero down time.  I did start with my secondary server just in case I ran into any issues.

here is the Cisco link for renewing certs http://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/116977-technote-ise-cert-00.html

I hope this helps .. 

Please rate this if you can

 

richard.smock
Level 1
Level 1
In response to d.friday

‎08-10-2016 09:06 AM

Thanks for the reply.

I actually renewed them yesterday evening and did not see any downtime either, due to HA on ISE. If we did not have HA, I would have seen about a 5 minute outage as the ISE services has to restart after installing the new certs for HTTPS use.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card