Process to upgrade Certs in NAC 4.7.2 OOB VG HA environment

Unanswered Question
Mar 15th, 2012

I am in the process of replacing the CCA manager certificate which is about to expire. My environment is HA and as such consists of two CAM servers and two pairs of HA-CAS servers.

First - I have submitted and generated the CAM server certificate (Easy enough as the CAM SSL is accessible via the GUI.) I think, although I'm not sure that I need to generate a new cert for the CAS(S).

If I do I need to access at least one CAS in an HA pair via the GUI. Does it matter which one? When I attempt to GUI to the "secondary" CAS in a pair I am of course being treated like a device that need to be "NAC'd".

To access the CAS I think I need to stop perfigo services which should drop me out of the HA pair. True?

Will I need to take each server out of "service" to update the cert.

If there is a document sequence of events I would love to see it.

Thanks!

Bob

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)

Actions

Login or Register to take actions

This Discussion

Posted March 15, 2012 at 8:45 AM
Stats:
Replies:0 Overall Rating:
Views:507 Votes:0
Shares:0

Related Content

 

Discussions Leaderboard

Rank Username Points
1
tsteger1
916
2
acomiskey
894
3
Patrick Iseli
850
4
jmia@ohgroup.co.uk
808
5
jackko
787
Rank Username Points
Marvin Rhoads
19
Karsten Iwen
15
Neno Spasov
6
cisco24x7
5