Cisco Catalyst SD-WAN Certificate Management Guide, Releases 26.x and Later

PDF

Configure devices to use third-party certificate authority certificates, using a configuration group

Want to summarize with AI?

Log in

Procedure for configuring devices to use third-party certificate authority certificates, using a configuration group.


Procedure

1.

From the Cisco SD-WAN Manager menu, choose Configuration > Configuration Groups.

2.

For a configuration group, under System Profile, select Add Feature.

3.

In the Add Feature pane, choose CA Certificate.

4.

Configure the CA Certificates section.

Table 1. CA Certificates

Field

Description

Type

Choose CA Certificate from the drop-down list.

Name

Enter a name for the certificate.

Description

(Optional) Provide a description for the certificate.

Add CA Certificate

Select Add CA Certificate to add additional CA certificates.

TrustPoint Name

Enter a TrustPoint Name.

Certificate Name

Choose a CA certificate to add from the drop-down list.

5.

Select Save.

6.

Deploy the devices associated to the configuration group.

When you modify a certificate from the Device Group table, the changes are not be reflected on the device. This is because of the certificate's association with a TrustPoint. To update the certificate, remove the existing TrustPoint that contains the certificate information. Then create a new TrustPoint and add the certificate to it. Deploy the changes to the device for the certificates to take effect.

Deleting certificates from the Certificates tab doesn't automatically delete the associated TrustPoint. To delete the TrustPoint, manually delete and then save the changes to the TrustPoint.