View Cart
0 Items | Total: US$0.00
Welcome,      Register

You are here

SEC0031 - ISE 1.1 Node Registration with CA-Signed Certificate

Rating: 
5
Average: 5 (2 votes)
Difficulty Level: 
0
Lab Document: 
<Please login to see the content>

The video demonstrates how to register a Policy Service node to a primary Admin node using CA-signed certificate. The same process applies to registering a secondary Admin node. This step is required when implementing an ISE distributed design for high scalability. This method is preferable over self-signed certificate.

Pros
  • Node certificate is automatically trusted by clients assuming their trust the same root CA
  • Renewed certificate requires to only be installed on owning node 
Cons
  • PKI (internal or external) is required

About Author

Metha Cheiwanichakorn, CCIE#23585 (RS, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at labminutes.com, Metha enjoys learning and challenges himself with new Cisco technologies.