My memory is a little foggy but I believe last time I imported a certificate with a private key that was the same as an old cert, it overwrote the old one. It pops up a warning saying that the private key exists already but then lets you continue.
Generally I just make a new one with a new private key and name it “<eapcert>2021” or whatever because if you expect ISE to do something that works in any other system it doesn’t work right in ISE. The cert date must be valid though as of the day you activate it for obvious reasons. I renew all my certs before the day they expire but the valid date is always prior to when I install it. From: The EDUCAUSE Wireless Issues Community Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of Bruce Boardman <000000f864c74f72-dmarc-requ...@listserv.educause.edu> Reply-To: The EDUCAUSE Wireless Issues Community Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Date: Tuesday, April 20, 2021 at 7:17 AM To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: [WIRELESS-LAN] ISE CERT Renewal We are going through Sectigo to renew RADIUS CERT for our 802.1x auth. environment. Cisco is a little bit nebulous regarding the activation and acceptance of the CERT with a future CERT valid date. The are not clear if the renewal will take without a CSR (why is a question to Cisco), but they indicate that in that case the private key may need to be uploaded. I don’t want to get to the expiration day to find out that the CERT needs to be reissued, which would be a lengthy outage for machine auth clients needing a push of the new CERT. Anybody renewed on ISE prior to the expiration of the existing CERT using a future CERT valid date? Talk me off the ledge. Thanks ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ________________________________ The materials in this message are private and may contain Protected Healthcare Information or other information of a sensitive nature. If you are not the intended recipient, be advised that any unauthorized use, disclosure, copying or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this email in error, please immediately notify the sender via telephone or return mail. ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
