Guest

Preview Tool

Cisco Bug: CSCut10928 - Not to restart other ISE nodes' services after new PPAN admin HTTPS cert

Last Modified

Oct 16, 2018

Products (1)

  • Cisco Identity Services Engine

Known Affected Releases

1.2(0.899) 1.2(0.914) 1.3(0.876) 2.1(0.474) 2.2(0.470) 2.3(0.298) 2.4(0.357)

Description (partial)

Symptom:
After assigning a new certificate for admin HTTPS on the primary admin node, it restarts its own ISE services first and then triggers rolling restart of ISE services on all the other ISE nodes in the deployment.

Conditions:
ISE 1.2 and later

Assigning a new certificate for admin HTTPS on the primary admin node.

Related Community Discussions

Admin Certificate Renewal: Impact
At the moment we have individual certificates deployed to each ISE node for Admin purpose. We also have wildcard certificate which we use for EAP Authentication and sponsors portal. The problem is that due to HSTS ISE PSN presents its own Admin certificate when redirection is being performed and hence portal cannot be accessed using portal's FQDN.   So, I decided to use Wildcard certificate for Admin function too, but when I Edited Wildcard certificate to set Admin as one of its functions, I've got ...
Latest activity: Sep 14, 2018
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.