Process to upgrade Certs in NAC 4.7.2 OOB VG HA environment

Unanswered Question
Mar 15th, 2012

I am in the process of replacing the CCA manager certificate which is about to expire. My environment is HA and as such consists of two CAM servers and two pairs of HA-CAS servers.

First - I have submitted and generated the CAM server certificate (Easy enough as the CAM SSL is accessible via the GUI.) I think, although I'm not sure that I need to generate a new cert for the CAS(S).

If I do I need to access at least one CAS in an HA pair via the GUI. Does it matter which one? When I attempt to GUI to the "secondary" CAS in a pair I am of course being treated like a device that need to be "NAC'd".

To access the CAS I think I need to stop perfigo services which should drop me out of the HA pair. True?

Will I need to take each server out of "service" to update the cert.

If there is a document sequence of events I would love to see it.

Thanks!

Bob

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)

Actions

Login or Register to take actions

This Discussion

Posted March 15, 2012 at 8:45 AM
Stats:
Replies:0 Avg. Rating:
Views:507 Votes:0
Shares:0

Related Content

Discussions Leaderboard