Sunday, October 24, 2021

It's me again, the ISE n00b... Need some big brain help on Certs for ISE/DNAC pxgrid

Getting errors in DNAC when adding the ISE, really looks like it doesn't like the cert chain for the ISE cert.

Both DNAC and ISE certs are by the book, signed by the exact same sub CA and DNAC cert is imported with full chain.

Dnac is lates 2.2.2.5 and ISE is 3.0 patch 3

DNAC complains that cert from ISE is not trusted by any trust anchor in DNAC.

I think MAYBE I'm hitting a bug from 2.1.1.x where if the ca authorative info and CRL info in the ISE cert is NOT a reachable url, but a LDAP string, we crash and burn hard.

Anybody knowledgeable about this subject?



No comments:

Post a Comment