Procedure for configuring devices to use third-party certificate authority certificates, using a configuration group.
Procedure
| 1. | From the Cisco SD-WAN Manager menu, choose . |
|||||||||||||||
| 2. | For a configuration group, under System Profile, select Add Feature. |
|||||||||||||||
| 3. | In the Add Feature pane, choose CA Certificate. |
|||||||||||||||
| 4. | Configure the CA Certificates section.
|
|||||||||||||||
| 5. | Select Save. |
|||||||||||||||
| 6. | Deploy the devices associated to the configuration group. |
When you modify a certificate from the Device Group table, the changes are not be reflected on the device. This is because of the certificate's association with a TrustPoint. To update the certificate, remove the existing TrustPoint that contains the certificate information. Then create a new TrustPoint and add the certificate to it. Deploy the changes to the device for the certificates to take effect.
Deleting certificates from the Certificates tab doesn't automatically delete the associated TrustPoint. To delete the TrustPoint, manually delete and then save the changes to the TrustPoint.