View Cart
0 Items | Total: US$0.00
Welcome,      Register

You are here

SEC0270 - ISE 2.2 Certificate and Node Registration (Part 1)

Rating: 
5
Average: 5 (3 votes)
Difficulty Level: 
0
Lab Document: 
<Please login to see the content>
Video Download: 
Title: SEC0270 - Video Download $11.00
Purchase SEC0270 - Video Download $11.00
The video shows you how to generate, sign, and import a wildcard certificate on Cisco ISE 2.2. We will compare identity and wildcard certificate and go over some of the benefits of using wildcard certificate, and how a single cert can be used for all ISE usages. The same certificate will be used to register a secondary ISE node to build our two-node distributed deployment. 
 
Part 1 of this video covers wildcard certificate installation
 
Topic:
  • Self-signed Certificate 
  • Trusted CA Certificate Import
  • Identity VS Wildcard Certificate
  • CSR Generation for Wildcard Certificate
  • Certificate Signing on Windows 2012 CA
  • Certificate Binding
  • Certificate Usage and Group Tag
  • Certificate/Key Export/Import
  • Distributed Deployment and Secondary Node Registration
  • Central Certificate Management

About Author

Metha Chiewanichakorn, CCIE#23585 (Ent. Infra, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at labminutes.com, Metha enjoys learning and challenges himself with new technologies.

4 comments

Hi Sir Metha,

Good day! Hope your doing well. By the way would you mind if i ask question regarding on creation of root CA on windows.i followed your video steps by steps on your CA guide and found error and its states that your certificate is invalid.Can i ask help a tips from you what does this error do on a browser. Am using googlechrome to access the ISE gui.

your reply is much appreciated.

Thank and Regrads,

Marlon

Where did you encounter the error and what weere you trying to do at the time?

Hi Labminutes,

I have 3 ISE Server, 1 is PAN,MnT and 2 for PSN. All ISE point dns to AD. From CLI of all ISE Server, i can ping domain of another ISE Servers. I think that mean DNS working fine. But when perform ISE registration, PAN,MnT node in form that Primary node not reacable to "ise-psn1.hptlab.com". please check dns setting on "ise-psn1.hptlab.com". But when i try again on PSN1, it can ping to domain name of PAN,MnT node. So why this error still appear ?

Thanks,
Quang

What do your DNS record look like and which node did you do the ping from and to?