Thank you Patrick! Tomorrow I will play again with this solution and will follow some instruction I catch here and double check all stuffs (root cert, identity cert, ntp, dns, change virtual IP of wlc, try dns resolution, etc) and update this thread.
All information you guys provided were very valuable! Tks a lot. Atenciosamente, Rodrigo Alves dos Santos .ılı.ılı. Network Consultant - CCIE-R&S #38214 +55 (11) 9 7688-0409 Skype: ralves85 Knowledge is power. Power corrupts. Study hard and be Eeeeviiiil...... 2013/4/18 Patrick Ogenstad <[email protected]> > Did you download the CA chain from DigiCert? I.e. are you including the > intermediate CA certificate?**** > > ** ** > > If you view the certificate in a browser you should be able to see if it > chains up to a trusted root CA.**** > > ** ** > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Rodrigo Alves > dos Santos > *Sent:* den 18 april 2013 20:59 > > *To:* Samarth Chidanand > *Cc:* [email protected] > *Subject:* Re: [OSL | CCIE_Security] ISE Public Cert**** > > ** ** > > Samarth,**** > > Yes, I did it! **** > > I've followed the process below of Cisco trustsec page, but instead of > using Windows CA option Web Server, I used DigiCert with Apache option. > > > http://www.cisco.com/en/US/solutions/collateral/ns340/ns414/ns742/ns744/docs/howto_04_ise_bootstrapping.pdf#page=9&zoom=auto,0,772 > **** > > > **** > > Atenciosamente, > > Rodrigo Alves dos Santos > .ılı.ılı. Network Consultant - CCIE-R&S #38214 > +55 (11) 9 7688-0409 > Skype: ralves85**** > > **** > > **** > > > Knowledge is power.**** > > Power corrupts.**** > > Study hard and be Eeeeviiiil......**** > > **** > > ** ** > > 2013/4/18 Samarth Chidanand <[email protected]>**** > > Hope you have also downloaded the CA public cert of digicert first. Then > create the CSR / PubPriv keypair and bind that to the ID cert.**** > > **** > > **** > > *Samarth Chidanand***** > > *Sr Instructor / Developer – IPexpert***** > > *CCIE #18535 (R&S, Security)***** > > *CCSI #34585***** > > **** > > **** > > **** > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Rodrigo Alves > dos Santos > *Sent:* Thursday, April 18, 2013 11:47 PM > *To:* [email protected] > *Subject:* [OSL | CCIE_Security] ISE Public Cert**** > > **** > > Hi Guys,**** > > Someone here have already configured public cert to ISE web auth portal? > On WLC I'm redirecting the portal to ISE. I have generated on ISE the CSR > and paid for a cert on http://www.digicert.com (I used "Apache" for > certificate type because I didn't find Web Server like Windows CA) but > after import the cert to ISE I'm still getting the msg that source is not > trust.**** > > I have doubt If I should use a valid cert to WLC that is redirecting de > page and show the IP 1.1.1.1 or to ISE. Anybody can clarify this doubt and > send some usuful doc?**** > > > > > > **** > > Atenciosamente, > > Rodrigo Alves**** > > **** > > ** ** >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
