Security

Reply
Occasional Contributor II
Posts: 31
Registered: ‎08-01-2013

Import Server Certificate on ClearPass (EAP-TLS authentication)

Hello,

 

I am in the process of setting up ClearPass to act as an EAP-TLS authenticator and for that I need to import the CA certificate into it.

 

All I have is the .crt file (pem type) provided by my customer, while ClearPass seems to require:

 

- The actual certificate file

- The private key file

- The private key password

 

Since, I do not have the last two items, please could smebody confirm they are necessary to import the CA certificate? Also, am I correct in saying that the CA should generate those when exporting the certificate?

 

I searched the 6.4 user guide for this, but found no clarification over those points. Has anyone ever setup ClearPass to authenticate EAP-TLS clients who could shed some light over this?

 

Many thanks,

 

Giuseppe/

Guru Elite
Posts: 8,759
Registered: ‎09-08-2010

Re: Import Server Certificate on ClearPass (EAP-TLS authentication)

If you don't have the private key, you'll need to do a CSR from ClearPass and sign it with your CA. 


Thanks, 
Tim

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Moderator
Posts: 495
Registered: ‎11-09-2012

Re: Import Server Certificate on ClearPass (EAP-TLS authentication)

A lot of this data is covered in depth in my ClearPass PKI TechNote. Take time to resd this to familiary yourself with all thats is PKI and ClearPass.

 

Find it here. CPPM - Certificates 101 Technote V1.0 .pdf


Best Regards
-d

Snr Tech Marketing Engineer - ClearPass

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
Search Airheads
Showing results for 
Search instead for 
Did you mean: