Did you download the CA chain from DigiCert? I.e. are you including the intermediate CA certificate?
If you view the certificate in a browser you should be able to see if it chains up to a trusted root CA. From: [email protected] [mailto:[email protected]] On Behalf Of Rodrigo Alves dos Santos Sent: den 18 april 2013 20:59 To: Samarth Chidanand Cc: [email protected] Subject: Re: [OSL | CCIE_Security] ISE Public Cert Samarth, Yes, I did it! I've followed the process below of Cisco trustsec page, but instead of using Windows CA option Web Server, I used DigiCert with Apache option. http://www.cisco.com/en/US/solutions/collateral/ns340/ns414/ns742/ns744/docs/howto_04_ise_bootstrapping.pdf#page=9&zoom=auto,0,772 Atenciosamente, Rodrigo Alves dos Santos .ılı.ılı. Network Consultant - CCIE-R&S #38214 +55 (11) 9 7688-0409 Skype: ralves85 Knowledge is power. Power corrupts. Study hard and be Eeeeviiiil...... 2013/4/18 Samarth Chidanand <[email protected]> Hope you have also downloaded the CA public cert of digicert first. Then create the CSR / PubPriv keypair and bind that to the ID cert. Samarth Chidanand Sr Instructor / Developer – IPexpert CCIE #18535 (R&S, Security) CCSI #34585 From: [email protected] [mailto:[email protected]] On Behalf Of Rodrigo Alves dos Santos Sent: Thursday, April 18, 2013 11:47 PM To: [email protected] Subject: [OSL | CCIE_Security] ISE Public Cert Hi Guys, Someone here have already configured public cert to ISE web auth portal? On WLC I'm redirecting the portal to ISE. I have generated on ISE the CSR and paid for a cert on http://www.digicert.com (I used "Apache" for certificate type because I didn't find Web Server like Windows CA) but after import the cert to ISE I'm still getting the msg that source is not trust. I have doubt If I should use a valid cert to WLC that is redirecting de page and show the IP 1.1.1.1 or to ISE. Anybody can clarify this doubt and send some usuful doc? Atenciosamente, Rodrigo Alves
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
