ISE certificate
1. Default Certificate of new ISE3.1 installation.
Certificate Services Chain:
Root CA - ISE31A >>>> Node CA - ISE31A >>>> Endpoint Sub CA >>> ISE messaging Service
>>> pxGrid
ISE31B has similar system cert and trusted cert, once cluster is created, root CA on ISE31B is disappear, If this happens, we need re-generate Messaging Service Cert, other we go "queue link error", view Messaging Service Cert on ISE31B show chain is broken, to fix it:
1. Go to ISE31A admin gui
2. Navigate to Administration > System > Certificate
3. Click "Certificate Signing Requests" > click "Generate Certificate Signing Requests (CSR)" button
4. In Usage: Certificate(s) will be used for, choose "ISE Messaging Service"
5. In the node list, check ISE31B only, click Generate.
2. Navigate to Administration > System > Certificate
3. Click "Certificate Signing Requests" > click "Generate Certificate Signing Requests (CSR)" button
4. In Usage: Certificate(s) will be used for, choose "ISE Messaging Service"
5. In the node list, check ISE31B only, click Generate.
Comments
Post a Comment