Home > Community > Technology > Controllerless Networks > Need details for what settings I need when request...

Controllerless Networks

Reply
Topic Options
GIvey
Occasional Contributor I
GIvey
Posts: 6
Registered: ‎05-21-2015

Need details for what settings I need when requesting a certificate from our enterprise CA

Options

‎06-02-2015 03:50 PM

Does anyone have the details for what settings I need when requesting a certificate from our enterprise CA. The Radius setup on the 7010 and Windows Server 2008 are very different than our 200 controller. Any help would be appreciated. Our new setup is an Aruba 7010 with 204 APs.

Alert a Moderator
Message 1 of 7 (1,055 Views)
Reply
0 Kudos
Aruba Aruba
Aruba
clembo
Posts: 1,644
Registered: ‎04-13-2009

Re: Need details for what settings I need when requesting a certificate from our enterprise CA

Options

‎06-02-2015 06:28 PM

Are you questioning the certificate requirements for the controller or your RADIUS server?   If the controller, will the certificate be for HTTPS or EAP termination (or both)?

 

 

------------------------------------------------
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX

Alert a Moderator
Message 2 of 7 (1,028 Views)
Reply
0 Kudos
GIvey
Occasional Contributor I
GIvey
Posts: 6
Registered: ‎05-21-2015

Re: Need details for what settings I need when requesting a certificate from our enterprise CA

Options

‎06-02-2015 06:36 PM

RADIUS

Alert a Moderator
Message 3 of 7 (1,025 Views)
Reply
0 Kudos
Aruba Aruba
Aruba
clembo
Posts: 1,644
Registered: ‎04-13-2009

Re: Need details for what settings I need when requesting a certificate from our enterprise CA

Options

‎06-02-2015 06:46 PM

The certificate requirements for NPS (Server 2008) as a RADIUS server are covered in the following Microsoft TechNet document.      If you have an Enterprise CA (Windows-based), you can usually use the RAS and IAS server template or any other template with the Server Authentication EKU.

 

https://technet.microsoft.com/en-us/library/cc731363%28v=ws.10%29.aspx

 

Also, I suggest you do not request this certificate with a wildcard CN.

 

 

 

 

------------------------------------------------
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX

Alert a Moderator
Message 4 of 7 (1,022 Views)
Reply
0 Kudos
GIvey
Occasional Contributor I
GIvey
Posts: 6
Registered: ‎05-21-2015

Re: Need details for what settings I need when requesting a certificate from our enterprise CA

Options

‎06-02-2015 07:03 PM

I dont need certs for all the connecting computers do I?

 

Alert a Moderator
Message 5 of 7 (1,016 Views)
Reply
0 Kudos
Aruba Aruba
Aruba
clembo
Posts: 1,644
Registered: ‎04-13-2009

Re: Need details for what settings I need when requesting a certificate from our enterprise CA

Options

‎06-02-2015 08:45 PM

You only need client certificates if you are using EAP-TLS.  If you use PEAP-MSCHAPv2; it is username/password combination; but the RADIUS server still needs a certificate which the clients can validate/trust.  The TechNet link I included above has a minimum server requirement and minimum client requirement section; if not using client certificates; you can ingnore the minimum client requirements section.

 

The following summarizes some of the PEAP-MSCHAPv2 requirements.

https://technet.microsoft.com/en-us/library/cc754179(v=ws.10).aspx

 

------------------------------------------------
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX

Alert a Moderator
Message 6 of 7 (994 Views)
Reply
GIvey
Occasional Contributor I
GIvey
Posts: 6
Registered: ‎05-21-2015

Re: Need details for what settings I need when requesting a certificate from our enterprise CA

Options

‎06-02-2015 09:06 PM

I hope this gets me strightend out.

 

Thanks

Alert a Moderator
Message 7 of 7 (980 Views)
Reply
0 Kudos
Search Airheads
turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

© Copyright 2017 Hewlett Packard Enterprise Development LP
Powered by Lithium