Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Facing authentication Failed issue when enabling Download_CRL option

Dear Experts,

My clients are being authenticated using EAP-TLS.   but while i want to enable CRL on my ISE device, as soon as i go to Certificate-Store on the ISE and enable the check-box next to   Download CRL  option and add my CA CRL path (http://ca-server/CertEnroll/TrustedCA.crl) . then all my clients fails with authentication.

Note- I have standalone CA

Any advice ?

Cisco Employee

Facing authentication Failed issue when enabling Download_CRL op


  • Check to make sure that the CA services are up and running on the CA server.
  • Replace the certificate. For a trust certificate, contact the issuing Certificate Authority (CA). For a CA-signed local certificate, generate a CSR and have the CA create a new certificate. For a self-signed local certificate, use Cisco ISE to extend the expiration date. You can delete the certificate if it is no longer used.
  • Check if the configuration change is expected.
  • Ensure that the download URL is correct and is available for the service.

For more information, please visit the given link:

CreatePlease to create content