Preview Tool

Cisco Bug: CSCvu87742 - ISE unable to authenticate to ACI due to wrong hostname when changing to a Third Party Certificate

Last Modified

Sep 04, 2020

Products (1)

  • Cisco Identity Services Engine

Known Affected Releases


Description (partial)

When configuring ACI in ISE for sxp integration, authentication fails due to the following error messages in the sxp.log
ISE: Work Centers>Trust sec>Settings>ACI Settings

2020-07-10 11:38:41,880 INFO  [StartApicPSN] -  Use APIC X.X.X.X on PSN
2020-07-10 11:38:41,880 INFO  [StartApicPSN] -  Authentication to APIC on PSN
2020-07-10 11:38:41,880 INFO  [StartApicPSN] -  Authenticate APIC admin name admin
2020-07-10 11:38:42,969 DEBUG [StartApicPSN] cisco.cpm.apic.schema.RestClient:443 -  Check if this is self sign APIC certificate
2020-07-10 11:38:42,969 DEBUG [StartApicPSN] cisco.cpm.apic.schema.RestClient:453 -  It isn't self sign APIC certificate
2020-07-10 11:38:42,974 ERROR [StartApicPSN] -  APIC authentication failed HTTPS hostname wrong:  should be <apic1>
2020-07-10 11:38:42,974 INFO  [StartApicPSN] - Wait for 60 seconds from PSN ...
2020-07-10 11:38:48,646 DEBUG [sxpservice-http-96443] - ENTERING DEBUG FILTER
2020-07-10 11:38:48,649 DEBUG [sxpservice-http-96443] - list engine info

Changing the ACI server under  TrustSec>Settings>ACI Settings
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.