02-18-2018 03:15 PM
Hey guys,
I've looked through the docs and the UI, but I cannot find an answer. Can the ISE CA be used to sign CSRs?
Thanks.
Neil
Solved! Go to Solution.
02-18-2018 03:43 PM
ISE internal CA can be used to deliver certificates for BYOD devices (through BYOD flow), iot devices authenticating To Ise, for example cameras security or pxgrid clients
It’s not meant to be used for servers in your environment
https://www.cisco.com/c/en/us/td/docs/security/ise/2-3/admin_guide/b_ise_admin_guide_23/b_ise_admin_guide_23_chapter_00.html#concept_170E4F1CA46A404AA4C818C02226C8F2
02-18-2018 03:43 PM
ISE internal CA can be used to deliver certificates for BYOD devices (through BYOD flow), iot devices authenticating To Ise, for example cameras security or pxgrid clients
It’s not meant to be used for servers in your environment
https://www.cisco.com/c/en/us/td/docs/security/ise/2-3/admin_guide/b_ise_admin_guide_23/b_ise_admin_guide_23_chapter_00.html#concept_170E4F1CA46A404AA4C818C02226C8F2
02-18-2018 08:59 PM
Adding to Jason's.
If the CSRs are for pxGrid clients or the like, you may use either the certificate provisioning portal in ISE 2.0+ or the pxGrid UI (Administration > pxGrid Services > Certificates) to sign the existing certificates in ISE 2.2+.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: