Security

Reply
MVP
Posts: 226
Registered: ‎03-03-2011

Clearpass Certificate Revocation List Set-up and use of HTTP proxy

I am trying to set-up a Certificate Revocation List (CRL) on Clearpass (6.5.1) but the appliances are configured to use a HTTP proxy.

When I add the CRL URL, I get an "Proxy Authentication Required" error message.

The HTTP proxy is set-up correctly with authentication and this is working as the appliance can download software updates. If I turn off the proxy then the CRL URL is accepted.

Does anybody know whether the CRL check utilises the HTTP proxy credentials?

Thanks

David
ACDX #98 | ACMP | ACCP
Aruba Employee
Posts: 30
Registered: ‎09-10-2012

Re: Clearpass Certificate Revocation List Set-up and use of HTTP proxy

Hi David,

 

You might see this error 'Proxy Authentication Required', when the HTTP Connect prior to GET is not allowed via proxy.

 

ClearPass 6.5.2 has an option to bypass proxy for CRL. Try bypassing the proxy for CRL under Administration->Certificates->Revocation Lists. 

 

bypass_proxy.png

 

 

Thank you,
Saravanan Rajagopal


**Did something you read in the Community solve a problem for you? If so, click "Accept as Solution" in the bottom right hand corner of the post.
Search Airheads
Showing results for 
Search instead for 
Did you mean: