Security

Hello,

 

i am running 6.7 version of CPPM for a customer POC. since it's a POC we don't have any public certs. 

I created the Onboard CA in clearpass and used that to sign the radius certificate for Clearpass. Device enrollment for IOS is failing with error message " Profile installation failed",the server cartifcate for "https"//xxxx/guest/mdps_profile.php/xxxxxxxx is invalid.

 

i followed some of the previous community posts and disabled HTTPS both in  ClearPass and Controller captive portal profile.

also checked NO, for web server certifcate validation. 

 

is there anything else i can do to get this working for POC? 

 

thanks 

Kandhla

 

You need to have a public HTTPS certificate. This is Apple's requirement.

Hi, which OS (windows 7,10, macOS)?

Hi, which OS (windows 7,10, macOS)?

You could also create a temporary public certificate via verisign I think... they have a trial version if I recall

You could also create a temporary public certificate via verisign I think... they have a trial version if I recall

You can use a lets encrypt certificate for free for 90-days. Comodo also have trail certs..... or you buy some... is not that expensive 😉

Hi Kandhla,

 

Have you found your solution for this?  I am having the same issue.  Hoping for your reply.

 

 

Since I do not have public HTTPS certificate and I am using IOS device, I tried to change from https to http in the captive portal profile and it works.  

You need to have a public certificate for HTTPS for ClearPass. You should not be running anything over HTTP.

Hi Tim,

 

Noted and thanks for the advise.  This is for my internal lab testing.