AAA, NAC, Guest Access & BYOD

Increase the Validity of Certificates issues by CPPM certificate authority which are used in Onboarding

This article talks about increasing the Validity period of the onboard certificates issued to clients 

 

Environment: This article applies to CPPM 6.2 and above.

 

 

Normally all onboard certificates issued by CPPM certificate authority is of 1 year validity. Is it possible to change it to a higher/lower value? If yes, where to configure it?

This value can be customized.

Login to CPG ( Clear Pass Guest) and navigate to "Home » Onboard + WorkSpace » Initial Setup » Certificate Authorities"


Select the Certificate Authority and click on "Edit".

 

rtaImage.png

 

Scroll down to find the Validity time of the certificate and customize it.

 

rtaImage (1).png

Version History
Revision #:
2 of 2
Last update:
‎07-30-2014 01:44 PM
Updated by:
 
Labels (1)
Comments
pli-wireless

Thanks for the quick guide.  Do you know if the Validity Period is limited behind the scenes to 2 years?  I cannot find anything in the documentation on this but we were attempting to configure 3 year certificates and the certs were issued with 2 year expirations.  Thanks, Ben

Hi Ben,

 

I was able to set the Validity period to 999 days and was able to generate a client certificate which is valid from Wednesday, 30 July 2014, 12:48 PM to Monday, 24 April 2017, 1:18 PM.client certificate.png

 

This was tested on ClearPass 6.3.4 version. Please let us know if you have any further queries.

 

Thank you.

Subhash Gattupalli

Hi Ben,

I just tested it in the lab server(CP 6.3.4) and found it working as required. I set the Validity Periiod to 1200 days and got the client certificate issued with 1200days expiration.

 

 Image 19.png

 

 

Image 20.png

 

 

If you have more than one OnBoard CA in your ClearPass server, then please ensure to increse the Validity Period in the CA which is signing the client cert.

Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.