Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Certificate Error - ISE

Hi,

I'm having trouble with getting a valid certificate installed. Customer doesn't have their own root CA, so we've used Digicert for a public certificate. Installed all ok, and appears in ISE fine.

However, when I try and access the WebUI, and authenticate on the wireless - i'm getting certificate errors.

Using Chrome/Firefox accessing the WebUI. I get the following:

You attempted to reach

ise-a.domainname.com, but instead you actually reached a server identifying itself as ise-a.domainname.local. This may be caused by a misconfiguration on the server or by something more serious

I've been over the config on the WebUI and on CLI, I can't find any reference to the .local FQDN.

Previously, ISE was named ise-a.domainname.local, however we had to change to .com to use a public certificate.

Any help/pointers would be helpful.

Thanks

Everyone's tags (3)
4 REPLIES

Re: Certificate Error - ISE

Configure the domain name correctly on the cli (is it now configured?)

Configure it correctly with .com rather than .local.

If is still complains about the .local try then restart the services or reload the machine.

HTH

Amjad

Sent from Cisco Technical Support iPad App

Rating useful replies is more useful than saying "Thank you"
New Member

Re: Certificate Error - ISE

Hi Amjad,

I've tried that, and spent some time with TAC in trying to resolve this.

It appears ISE is still trying to use the self signed certificate, even though the new one has been installed and set to be used for management and EAP.

TAC has given me some items to try. I'll post an update when I have one.

Evan.

Certificate Error - ISE

Hi.

Did you resolve this problem?

//Philip

New Member

Certificate Error - ISE

It ended up being an issue with the CaSE of the certificate being provided by the cert provider. the FQDN in the cert was all UPPERCASE however the CSR that was being generated was in all lowercase..

714
Views
5
Helpful
4
Replies
CreatePlease to create content