Preview Tool

Cisco Bug: CSCvs24295 - Certain certificate formats cause ISE FMC Server Certificate dropdown to break

Last Modified

Jan 16, 2020

Products (1)

  • Cisco Firepower Management Center

Known Affected Releases


Description (partial)

Under the FMC section: Integration-->Identity Sources
When trying to select an "FMC Server Certificate" nothing will be displayed even if there are available certificates on the PKI-->Internal certs

When loading the page, or when trying to add the certificate using the "+" button and after including all the fields and saving the certificate the next error message will appear:

Crypt::OpenSSL::X509: failed to read X509 certificate. at /usr/local/sf/lib/perl/5.10.1/SF/UI/ line 2298 SF::UI::DataObjectLibrary::filterInternalCertsForISE('', 0, 500, '', 'ARRAY(0x13962018)') called at /usr/local/sf/lib/perl/5.10.1/SF/UI/ line 1030 SF::UI::PJB::executeFunction('SF::UI::DataObjectLibrary::filterInternalCertsForISE', 'ARRAY(0x1385c850)') called at /usr/local/sf/lib/perl/5.10.1/SF/UI/ line 992 SF::UI::PJB::handleRequest('SF::UI::DataObjectLibrary::filterInternalCertsForISE', '["",0,500,"",["PKI_InternalCert"]]')

FMC running 6.3 or 6.3.0.X
An internal certificate is created on the FMC with the PEM format of "-----BEGIN TRUSTED CERTIFICATE-----"
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.