02-18-2018 03:15 PM
Hey guys,
I've looked through the docs and the UI, but I cannot find an answer. Can the ISE CA be used to sign CSRs?
Thanks.
Neil
Solved! Go to Solution.
02-18-2018 03:43 PM
ISE internal CA can be used to deliver certificates for BYOD devices (through BYOD flow), iot devices authenticating To Ise, for example cameras security or pxgrid clients
It’s not meant to be used for servers in your environment
https://www.cisco.com/c/en/us/td/docs/security/ise/2-3/admin_guide/b_ise_admin_guide_23/b_ise_admin_guide_23_chapter_00.html#concept_170E4F1CA46A404AA4C818C02226C8F2
02-18-2018 03:43 PM
ISE internal CA can be used to deliver certificates for BYOD devices (through BYOD flow), iot devices authenticating To Ise, for example cameras security or pxgrid clients
It’s not meant to be used for servers in your environment
https://www.cisco.com/c/en/us/td/docs/security/ise/2-3/admin_guide/b_ise_admin_guide_23/b_ise_admin_guide_23_chapter_00.html#concept_170E4F1CA46A404AA4C818C02226C8F2
02-18-2018 08:59 PM
Adding to Jason's.
If the CSRs are for pxGrid clients or the like, you may use either the certificate provisioning portal in ISE 2.0+ or the pxGrid UI (Administration > pxGrid Services > Certificates) to sign the existing certificates in ISE 2.2+.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide