03-09-2016 02:36 PM
I need to change the RADIUS certificate in clearpass. I am using the ClearPass RADIUS server for a few purposes - Device Authentication as well as EAP-TLS Authentication.
I know that EAP-TLS clients check this certificate and will prompt the user if the certitifcate is not trusted. I can solve this by deploying the new certificate to all clients.
What I'm not sure about however is if Devices using RADIUS for authentication will stop functioning if the certificate is changed. Do devices check the RADIUS certificate?
Solved! Go to Solution.
03-09-2016 03:11 PM
Many devices require the user to click on "Accept" when the radius server certificate is changed. On windows devices you can push the Radius Server's Certificate to the trust list ahead of time using group policy. With other platforms, it will stop communicating until the user clicks on "Accept"..
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base
03-09-2016 03:32 PM
Ah sorry I wasn't super clear - I have networking equipment authentication happening via RADIUS. For example routers and switches.
Do these devices check the RADIUS certificate? How can I tell?
I'm leaning towards no, as access tracker shows these as type PAP.
03-09-2016 04:34 PM