Cisco Bug: CSCvu41103 - [ENH] Add the ability to have multiple versions of a certificate in the trust store
May 28, 2020
- Cisco Identity Services Engine
Known Affected Releases
Symptom: Adding a new root or intermediate CA to the ISE deployment trust store to prepare for a CA certificate cutover or expiry. As of now, the new cert needs to have a unique subject (combination of CN, OU etc) to co-exist in the trust store with the existing CA cert. If the CN is the same, even with a different serial number, validation for the certificate will generate an error. Conditions: Adding a new CA cert in the ISE trust store with the same subject as an existing certificate with a different serial number.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases