**Update***
I spoke with Victor and thought I would share this.....
This is in the help under certificates of you see an error about your webserver/radius cert. on 6.3/6.2.5
The RADIUS server certificate is used by ClearPass to secure authentication traffic. The HTTPS server certificate is used by ClearPass to secure web traffic. They can be configured in Policy Manager under Administration » Certificates » Server Certificate.
The RADIUS server certificate need not be a certificate issued by a trusted commercial certificate authority. However if you are running ClearPass as a cluster, each server in the cluster must use a certificate signed by the same root certificate authority.
To allow Windows 8.1 devices to authenticate successfully this certificate must contain the id-kp-eapOverLAN extended key usage. ClearPass Onboard includes this when creating a "trusted" certificate, this is the recommended method of creating your
RADIUS server certificate(s).
The optimal configuration for Onboard is a HTTPS server certificate issued by a trusted commercial certificate authority. A list of certificate authorities trusted by iOS devices can be found at http://support.apple.com/kb/HT5012.
Alternatively if you only wish to use a single Onboard Certificate Authority then you can use that Certificate Authority to sign the server certificate. Users will then have to install the certificate as part of the provisioning process. Refer to the User Guide for more information.
For testing purposes you can disable the requirement for HTTPS on the Authentication configuration page. However this is an insecure configuration that should not be used in a production environment.