Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com ), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: guestsponsor.mynt.myntra.com
I ran this command:
It produced this output:
My web server is (include version):Cisco ISE, Version: 2.4.0.357 Installed patches:5,10
The operating system my web server runs on is (include version):ADE-OS, based on Red Hat Enterprise Linux (RHEL)
My hosting provider, if applicable, is:Cisco
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Yes
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): NA
rg305
April 25, 2024, 1:16pm
2
Hi @sahana.huller , and welcome to the LE community forum
Does Cisco have any documentation on their best practice for obtaining/installing certs into such a system automatically?
The end goal is to automate the certificate process.#1 is obtaining a cert
Is there a known ACME client that works within that system?
3 Likes
@sahana.huller , here are a few links to check:
Table of Contents Summary Most organizations use certificates. Popular reasons for needing certificates could be securing a Remote Access VPN solution, either ASA or Firepower, verifying identity, or encryption. Some of these purposes,...
Any chance we could get a native Let's Encrypt ACME client in a future version of ISE (hopefully with DNS01 verification)? This would allow ISE to automatically replace certificates (802.1x, guest portal, server, etc.) without administrator...
Hi. I just found out about Let's Encrypt (https://letsencrypt.org/), and it sounds fantastic. However, it seems to be best suited for webservers running on normal linux distros or IIS servers, and not on "hardened" linux versions like ISE or Prime...
3 Likes
Hello Team,
Kindly let us know if we can procure certificate from Let's encrypt as we are seeing below notice.
Regards,
Hello Team,
We normally generate CSR and give it to vendors and they generate the certificate and provide it to us.
Regards,
happen to have example old CSR? quite a bit of acme clients support csr as input but not sure what challenges you can expect it would be able to?
2 Likes
Hello Team,
Please find the below and guide us if we can get a certificate.
Regards,
BLR2ISE03MultiUse.pem (1.13 KB)
Hello Team,
May we have an update on our previous email.
Regards,
have you read this cisco tutorial ? I think it already explained most of things needed
3 Likes
Timmay
May 15, 2024, 11:36pm
10
Hi @sahana.huller
I am the author of both of the articles mentioned.
First, please follow this article to obtain a certificate from Let's Encrypt.
Table of Contents Summary Most organizations use certificates. Popular reasons for needing certificates could be securing a Remote Access VPN solution, either ASA or Firepower, verifying identity, or encryption. Some of these purposes,...
Then use this article that I finalized today to install that certificate into Cisco ISE.
Table of Contents Summary Cisco ISE uses certificates for various purposes including communication between ISE nodes, communication with external servers and communication between ISE nodes and end user portals like guest,...
I'm not 100% sure about doing this with ISE 2.4 as that is LONG past end of support.
Hope this helps.
Tim
3 Likes
system
June 14, 2024, 11:37pm
11
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.
