Community Home > Discuss > Technology > Controllerless Networks > Need details for what settings I need when request...

Controllerless Networks

Reply
GIvey
Occasional Contributor I
GIvey

Need details for what settings I need when requesting a certificate from our enterprise CA

‎06-02-2015 03:50 PM

Does anyone have the details for what settings I need when requesting a certificate from our enterprise CA. The Radius setup on the 7010 and Windows Server 2008 are very different than our 200 controller. Any help would be appreciated. Our new setup is an Aruba 7010 with 204 APs.

Alert a Moderator
Message 1 of 7
1,256 Views
Reply
0 Kudos
Aruba
Aruba
clembo

Re: Need details for what settings I need when requesting a certificate from our enterprise CA

‎06-02-2015 06:28 PM

Are you questioning the certificate requirements for the controller or your RADIUS server?   If the controller, will the certificate be for HTTPS or EAP termination (or both)?

 

 

------------------------------------------------
Systems Engineer, Northeast USA
AMFX | ACCX | ACDX | ACMX

Alert a Moderator
Message 2 of 7
1,229 Views
Reply
0 Kudos
GIvey
Occasional Contributor I
GIvey

Re: Need details for what settings I need when requesting a certificate from our enterprise CA

‎06-02-2015 06:36 PM

RADIUS

Alert a Moderator
Message 3 of 7
1,226 Views
Reply
0 Kudos
Aruba
Aruba
clembo

Re: Need details for what settings I need when requesting a certificate from our enterprise CA

‎06-02-2015 06:46 PM

The certificate requirements for NPS (Server 2008) as a RADIUS server are covered in the following Microsoft TechNet document.      If you have an Enterprise CA (Windows-based), you can usually use the RAS and IAS server template or any other template with the Server Authentication EKU.

 

https://technet.microsoft.com/en-us/library/cc731363%28v=ws.10%29.aspx

 

Also, I suggest you do not request this certificate with a wildcard CN.

 

 

 

 

------------------------------------------------
Systems Engineer, Northeast USA
AMFX | ACCX | ACDX | ACMX

Alert a Moderator
Message 4 of 7
1,223 Views
Reply
0 Kudos
GIvey
Occasional Contributor I
GIvey

Re: Need details for what settings I need when requesting a certificate from our enterprise CA

‎06-02-2015 07:03 PM

I dont need certs for all the connecting computers do I?

 

Alert a Moderator
Message 5 of 7
1,217 Views
Reply
0 Kudos
Aruba
Aruba
clembo

Re: Need details for what settings I need when requesting a certificate from our enterprise CA

‎06-02-2015 08:45 PM

You only need client certificates if you are using EAP-TLS.  If you use PEAP-MSCHAPv2; it is username/password combination; but the RADIUS server still needs a certificate which the clients can validate/trust.  The TechNet link I included above has a minimum server requirement and minimum client requirement section; if not using client certificates; you can ingnore the minimum client requirements section.

 

The following summarizes some of the PEAP-MSCHAPv2 requirements.

https://technet.microsoft.com/en-us/library/cc754179(v=ws.10).aspx

 

------------------------------------------------
Systems Engineer, Northeast USA
AMFX | ACCX | ACDX | ACMX

Alert a Moderator
Message 6 of 7
1,195 Views
Reply
GIvey
Occasional Contributor I
GIvey

Re: Need details for what settings I need when requesting a certificate from our enterprise CA

‎06-02-2015 09:06 PM

I hope this gets me strightend out.

 

Thanks

Alert a Moderator
Message 7 of 7
1,181 Views
Reply
0 Kudos
Search Airheads
cancel
turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

© Copyright 2018 Hewlett Packard Enterprise Development LP
All Rights Reserved.
Powered by Lithium