Security

Reply
Occasional Contributor II

ClearPass HTTPS certificate query

Hi community,

 

I have a query regarding HTTPS certificates. 

 

We have a Clearpass cluster that we use to provide Guest internet access. As such one of the interfaces on the Clearpass server is internet facing, with an associated web-login page that guests are redirected to through a captive-portal of the Aruba controller. We also have a public CA signed certificate for this web-login page, all works well and good. We also have an inside interface on the Clearpass appliance that internal users access to create guest accounts. 

 

My query is this, can I use a separate internally signed certificate for the guest creation page accessible via the internal interface, or is only a single HTTPS certificate supported for the appliance. Currently we receive a certificate error for the internal URL as the URL is not referenced as a SAN in the certificate (used for web-login page). I also don't believe our public CA would issue a certificate if the SAN attribute for the internal page was included in the CSR as it would not be DNS resolvable. I couldn't see an obvious way to associate a certificate with the guest creation page that is different from the one used for external access?

 

Thanks in advance.

Guru Elite

Re: Clearpass HTTPS certificate query

Single certificate for HTTPS and single certificate for EAP.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: