How can I know the FULL domain name & names for the installation of a digital certificate Public in ISE?
We are implemented a project with Cisco ISE; but comments Portal appears to users as a "untrusted site". For problems, a public digital certificate must be installed in Cisco ISE, so he can send it to users who enter the comments Web portal.
Now... to sell me the certificate, VERISIGN needs to know settings ISE of the certificate, such as name of area COMPLETE, names subnames, etc... How can these parameters of ISE?
Thaks a lot!
This isn't an easy question to answer, there are a ton of variables to include
Local web site Central Web Auth or Auth
LWA, the WLC is the "man in the Middle" to the request of the customer for PSN (server nodes), the WLC takes the request webauth and resembles webauth then the redirect URL that you put in the WLC
If the redirect webauth URL is https://ise01.mycompany.com:8443/guestportal/login.action, the WLC is a redirect but the virtual IP address comes in 1.1.1.1, who was as trustworthy or redirection complains, then you may have to get the public certificate for the fqdn of 1.1.1.1, and the comment server. You can create a CSR using openssl or you can just enter in ISE and create a CSR, but you can only set CN = ise01.mycompany.com and nothing else, as long you have a single NHP is good, but if you have several Ssnp, you need to change your CSR so that you have to use openssl to create CSR using a file openssl.cnf and then with openssl, you do the following:
openssl req - new - nodes-out openssl.cnf omf-01 - ise04.csr - config
You must do it the way I said above regardless of CWA or LWA, if you have more than one PSN, you must point to a FULL VIP domain name and then configure your DNS to answer for these host names. With LWA, you get virtual IP WLC involved 1.1.1.1, so you don't have to worry about getting a certificate for this, it is a cleaner installation, but you must always do all the rest. It must ensure that users of your guests have the opportunity to join the portal comments and be able to solve the given DNS the dns server that they have been configured with.
Content of the file openssl.cnf:
[req]
nom_distinctif = req_distinguished_name
req_extensions = v3_req
default_bits = 2048
[req_distinguished_name]
countryName = name of the country (2-letter codes)
countryName_default = en
localityName = name of the locality (for example, City)
organizationalUnitName = organizational unit name (for example, section)
commonName = Common Name (eg, YOUR name)
commonName_max = 64
emailAddress = Email address
emailAddress_max = 40
[v3_req]
keyUsage = keyEncipherment, dataEncipherment
extendedKeyUsage = AutClient, serverAuth
subjectAltName = @alt_names
[alt_names]
DNS.1 = guest.mycompany.com
DNS.2 = guest.mycompany.com
DNS.3 = ise01.mycompany.com
Tags: Cisco Security
Similar Questions
-
How can I find the name of the photographer? How can I know the location of a photo when it's just a general title...
Hello
If you expand the keywords, this could give you a little more in detail. You can click on the username of the photographer to see their portfolio and you can search within their portfolio.
Thank you
Bev
-
Tecra A8 - How can I know the temperature of the processor?
How can I know the temperature of the processor?
It seems very high. And I'm worried about this.Hello
I m using the Everest Home Edition
This tool is free and it reports the temperature values NECK and HARD drive.
In addition, you can find some information about the software installed and inserted material parts.See you soon
-
How can I know the date of my current windows installation?
How can I know the date of my current windows installation?
Start - All Programs - Accessories - right on command prompt and choose run as administrator. Type (or copy and paste by clicking in the command prompt window and choose Paste).SystemInfo | moreIt is up. -
How can I know the exact date of the csrss.exe download?
HelloW please someone tell me how can I know the exact date of the download or installation of csrss on my pc. in the properties of the box, I can only find an old date (date of creation 2009) but think I didn t have this pc so... Please help me
Hello
Thanks for posting your query in Microsoft Community.
I understand that you have questions about the date of download csrss.exe.
But I would like to know more information, to help you better.
(1) get any error message related to this csrss.exe process?
(2) what is the problem in the computer?
In the meantime, please refer to the below suggestion.
In fact, the csrss.exe is not a program that can be downloaded, it is rather a process in the Windows System. Thus, it would display the date of creation as the process is being created. Csrss.exe is a system process that is needed for your PC to function properly. It should not be deleted.
The Microsoft Client Server Runtime Server subsystem uses the csrss.exe. This process of management of the majority of the graphical instruction sets under the Microsoft Windows operating system. As such Csrss.exe offers the important functions of the operating system, and the Blue Screen of Death displayed may lead to his termination.
Csrss.exe threading and features of Win32 console window controls. Threading is where the application itself is divided into several simultaneous running tasks. Threads supported by csrss.exe are different
process in this son are usually included in the process, with different threads, sharing of resources within the same process. The Win32 console is plain text window in the Windows API system (programs can use the console without the need for display of the image).Additional information:
Csrss.exe
I hope this helps. Otherwise, feel free to write back and we woll will be happy to help.
Thank you
-
How can I know the pop up notice update is legitimate and check the installation?
How can I know the pop up notice update is legitimate and check the installation? I understand that you have to make sure that all previous updates have been removed before adding a new update.
no adobe update must be removed or undone to install future updates.
and what app triggers the popup?
-
How can I know the Position of the column in a table
Hi all
How can I know the position of the column in a table...
For example: -.
I have a table
DESC EMPLOYEES
EmpID
Ename
SAL
I want to know the Empid is in 1st position, ename is 2nd and sal is in 3rd place.
is this possible?SELECT *.
Of user_tab_cols
WHERE table_name = 'EMP ';Concerning
Arun -
How can I know the size of the screen of the moniter of users using the Acrobat SDK?
How can I know the size of the screen of the moniter of users using the Acrobat SDK? I need to know how much real estate sreen which is available on the moniter to users. Is there some call I can do the SDK to find out the maximum X and is coordinated?
Thank you
Gregory
Just responded to your other thread:
AVWindowGetDesktopBounds()
Even takes into account the task bar on Windows, the menu bar on Mac, etc.
-
How can I incorporate the text search when a project public captivate in HTML5?
How can I incorporate the text search when a project public captivate in HTML5?
There is an option in the skin editor > TOC settings, but I think you will find this only applies to research on the names found in the table of contents itself, not the entire project.
-
I created the Package CC "exsample" series of license name and disabled the Office CC Implementation Committee and selected the option "specify directory for deployment" or 'Directory to specify' in the Advanced dialog configrations.
I started to deploy in the victory of the client PC with command line like below,
msiexec /i exsample.msi TARGETDIR = D:\test
or
msiexec /i INSTALLDIR = D:\test exsample.msi
Installation was completed though, apps had been installed in the defalt directory "C:\Program files".
In CC helps Packer said as the folliwings on the location of the Installation,
"The Application Manager offers you the following options for the deployment location:
Deploy in the default directory of the application: the player is by default the system unit; the default path is \Program Files in Windows/applications under Mac OS.
Specify the directory for the deployment: allows users to end to specify the installation path when the package is deployed. On Mac OS, users are invited on the user interface, while on Windows, it's a command-line only option.
' Specify the directory: enter the path to the location to a specific installation location.
Is - this explanation is wrong?
How can I change the installation directory in windows PC where to deploy the package to the series of licenses?
Any information would be appreciated.
Thanks in advance.
Kappa-maki
My friend told me that the correct command is as below,
MsiExec.exe /i example.msi ADOBEINSTALLDIR = "D:\test\" / quiet
It worked well!
-
I've recently updated to 13.6, I would uninstall and reinstall 13.1. How can I find the installer of 13.1?
Hello
You must install after effects CC 2014.
You can install it from the creative Cloud desktop application.
Please visit the sites:
Install an earlier version of any creative cloud application
Kind regards
Ilyes
-
How can I move the installation Acrobat DC to a desktop folder to a folder in programs?
How can I move the installation Acrobat DC Office Windows folder in a folder of programs? I'm not comfortable with an application being installed under the desk.
default dc acrobat installs in your c > program (86) directory.
Double check if it is installed there and you're really looking to a downloaded file.
-
How can I know what my redemption code is for photoshop elements?
How can I know what my redemption code is for photoshop elements?
Using redemption code
http://helpx.Adobe.com/x-productkb/global/redemption-code-help.html
-
How can I know the progress of import and import when it is finished
I'm new to Final Cut Pro. How can I see the progress or the remaining time necessary for my import? Or how to know when the import is complete?
Press Cmd - 9 or
-
I have a question about the order of execution. In the WHILE loop, I have two things to measure, period and tension using the DAQmx READ functions for voltage and the meter. In the end, I want to collect these data as points almost simultaneously as possible, as a pair and then send them together to another piece of code (not shown here) which them will result in some sort of command for an engine. It would be run, and then I want to perceive the tension and the period at a time later and do the same thing.
(1.) I'm a little confused on what the meter of the READ function is back because it's a table. What is a picture of? I thought that it was up to the value of the individual periods between rising edges. The output of the counter 1 DBL d's a table. How many elements in this table, and what determines the size of this table? Are the elements of the array the individual delays between the edges? How many values are stored in the array by executing? We take the AVERAGE of the last 15 items, but do not know if we are throwing some of the data or what. How to understand the composition of this painting? How can I change the composition of this painting? Is it possible to measure only one period at a time, for example the time between TWO edges?
2.) Will this WHILE loop execute as it gathers tension and a "period table ' (remains to be understood by me) by TIME running in a loop? In particular, we want that the value of the tension associated with the value of the AVERAGE of the period "array", so we can use two data items to create orders of next control every time that the two values are reported. The structure for the delivery of vi will be attached data in pairs like this? I understand that one of the READING functions run not before the other function of READING in the WHILE loop. I want that the period "means" and "strain (Volt) collected at the same pace. This vi will he?
Thank you
Dave
Hi David,
I suggest including the DAQmx Start Task function. If it does not start before the loop, it starts the loop and work very well, but it is not as fast and efficient. In the model of task status, task wiill go to run the checked each iteration of the loop and then back the time checked running when it restarts.
The status of the task model: http://zone.ni.com/reference/en-XX/help/370466V-01/mxcncpts/taskstatemodel/
Kind regards
Jason D
Technical sales engineer
National Instruments
Maybe you are looking for
-
'Notes' disappeared from one day to the next
my "notes" have disappeared from one day to the next. Last accessed last night. Saved on phone appearing with that few, I changed last night. The format has also changed and he no arrow at upper LH has. Anyone who has experienced similar?
-
transfer bookmarks of a 8 year old PowerBook G4 for a MacBook Pro - is - it an easy way?
You just bought a MacBook Pro - used an old PowerBook G4 for 8 years. I'm setting up of my MacBook and would like to transfer my favorites in an easier way than going to each site Web and bookmarks. Can I use the article on synchronization between co
-
I've lost a number of buttons for google. How long until you've solved the compatibility problem?
When it asked me to update Firefox it says that he was not currently compatible with the Google toolbar. I lost most of my buttons for Google now. How long will be until this compatibility issue is resolved? Can I go back to the previous version?
-
continuous measurement and logging, LV2014
In LabView 2012, I examined how project templates QueuedMessageHandler and the measure continuously and logging (CML). In addition, there are all of a lengthy and detailed documentation for the QMS. There is a much shorter documentation for CML, but
-
B210e Inksystem failure, Tower works to solve after cleaning the heads. Does not help
Currently usinga B210e printer, had a paper jam and removed the jam. Now I have an error message saying: ink system failure Complete guide to troubleshooting by HP, clean same head, back and have always system failure message ink at the same time to