Certificate renewal
The certificates generated by Cisco Cyber Vision have a validity of two years.
Sensor certificates must be renewed manually. The procedure used differs whether the certificate is already expired or not and whether the sensor has been deployed using the sensor management extension.
-
If the certificate is still valid, refer to Sensor certificate renewal.
-
If the sensor was deployed with the sensor management extension, refer to Sensor certificate renewal.
-
If the certificate is outdated, and was deployed manually, refer to Sensor certificate renewal through the Local Manager.
Sensor certificate renewal
The following procedure applies to:
-
Sensors deployed with the sensor management extension, whether the certificate expiration date is exceeded or not (i.e. the deployment method is indicated in the sensor's right side panel).
-
In the case of sensors deployed manually, it only applies if the sensors certificate have not expired yet (i.e. the sensor certificate status is Expire Soon).
Procedure
Step 1 |
In Cisco Cyber Vision, navigate to Admin > Sensors > Sensor Explorer or click the top banner alert to access the Sensor Explorer page directly. Another alert is displayed. |
Step 2 |
Click Manage certificates in the alert or Manage Cisco devices > Manage certificates. The Manage sensors certificates window opens. |
Step 3 |
Select the sensor with the status Expiring Soon. |
Step 4 |
Click Renew certificate. The certificate is renewed and automatically sent to the sensor. Its status switches to Valid and the new expiration date appears. |
Sensor certificate renewal through the Local Manager
In case of certificate expiration, communication with the sensor is no longer possible if it was deployed manually (i.e. without the sensor management extension). In this case, the certificate is renewed by sending it to the sensor manually. As the certificate is part of the provisioning package, the action consists in generating the provisioning package and sending it to the sensor application through the Local Manager.
Procedure
Step 1 |
In Cisco Cyber Vision, navigate to Admin > Sensors > Sensor Explorer. |
Step 2 |
Click Manage Certificates. The Manage sensors certificates window appears. |
Step 3 |
Select the sensor and click Renew Certificate. A message is displayed. |
Step 4 |
Click Renew certificate again. The sensor certificate status appears as valid. |
Step 5 |
Close the Manage sensors certificates window. The sensor's health and processing status appear as Disconnected. |
Step 6 |
Click the sensor in the list. Its right side panel opens. |
Step 7 |
Click the Download package button. |
Step 8 |
Type the Local Manager's password or set it if not already done. Make sure to keep this piece of information stored as it will be asked to access IOx Local Manager and for further troubleshooting and configuration purposes. |
Step 9 |
Click Download package. |
Step 10 |
Import the provisioning package in the Local Manager. To do so, refer to Import the provisioning package (without USB). |
Step 11 |
In the sensor's CLI, type the following command to enroll the sensor:
|
Step 12 |
The sensor's health status switches to Connected and its processing status to Normally processing. |