08-09-2016 09:33 AM
Quick Public Cert question:
A customer will be load balancing between clearpass nodes per region. Each region will be doing zone based DNS for resolution of the address.
If all redirects were pointed to the clearpass.customer.com and not referencing the local host name at all, is there a need to have local server names in the SAN field, or can the same public cert be put on each of the servers without any SANs (or sans SANs if you will! )
08-09-2016 09:36 AM
each server listed as a SAN. Use this cert on each server.
Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
08-09-2016 02:20 PM
As an FYI, this is covered in the CPPM PKI-101 TechNote, plus a whole lot of other related data you may want to consider/review. Find it on the support page.
Snr Tech Marketing Engineer - ClearPass
-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.