Log in to ask questions, share your expertise, or stay connected to content. Don’t have a login? Join now.
How to use Two diff certificate on a master and Standby controller for 802.1x Authentication Usually, we create and upload separate certificates for master and the standby controllers so that the 802.1x clients can be served by the standby controller in case the master goes down. Both controller needs to have individual certificates mapped in the 802.1x profile controllers for authentication purpose.However, majority of the configuration on the standby controller is pushed from the master including certificate mapping in the 802.1x profile. We cannot map a different certificate from the backup controller’s WebUI or CLI (the fields will be greyed out). As a result, if certificates on the master and the backup are with different names, master would not have the certificate that needs to be mapped on the backup controller.Here is an Example ==============We have certificates with different names for master and backup controller-Certificate name for master controller - MasterCertificate.DERCertificate name for standby controller – BackupCertificate.DERNow, since the certificate needs to be mapped to the 802.1x profile only through the master controller (the same config gets pushed to the standby controller), we can map only one certificate name in the 802.1x profile for both master and the backup controller.However, as we have a certificate with different name uploaded on the backup controller, this certificate will not be used for 802.1x authentication on the backup controller.In order to use the certificate on backup controller (BackupCertificate.DER), we would need to upload it with the same certificate name as that on the master controller (MasterCertificate.DER).Rename the backup certificate’s name to match to the master certificate’s name and upload it on the standby controller.How to use Two diff certificate on a master and Standby controller for 802.1x Authentication Usually, we create and upload separate certificates for master and the standby controllers so that the 802.1x clients can be served by the standby controller in case the master goes down. Both controller needs to have individual certificates mapped in the 802.1x profile controllers for authentication purpose.However, majority of the configuration on the standby controller is pushed from the master including certificate mapping in the 802.1x profile. We cannot map a different certificate from the backup controller’s WebUI or CLI (the fields will be greyed out). As a result, if certificates on the master and the backup are with different names, master would not have the certificate that needs to be mapped on the backup controller.Here is an Example ==============We have certificates with different names for master and backup controller-Certificate name for master controller - MasterCertificate.DERCertificate name for standby controller – BackupCertificate.DERNow, since the certificate needs to be mapped to the 802.1x profile only through the master controller (the same config gets pushed to the standby controller), we can map only one certificate name in the 802.1x profile for both master and the backup controller.However, as we have a certificate with different name uploaded on the backup controller, this certificate will not be used for 802.1x authentication on the backup controller.In order to use the certificate on backup controller (BackupCertificate.DER), we would need to upload it with the same certificate name as that on the master controller (MasterCertificate.DER).Rename the backup certificate’s name to match to the master certificate’s name and upload it on the standby controller.
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.