Hi Forum,
Users have a cert issued by AD and used to authenticates directly to AD with aruba controller. I installed CPPM in between the users and AD for added profiling and BYOD capabilities of ClearPass. My ClearPass has a valid RADIUS cert issued for the root CA, the root CA cert and the intermediate CA cert are in CPPM's trusted list. ClearPass cert, Root CA, intermediate CA certs are all manually installed/trusted on client devices (GPO push). PEAP is working fine but not TLS.
I get an error saying TLS handshake failed and error unknown CA by client.
The only thing that I need to ask about is:
there is a firewall between the clients and CPPM and that firewall has a cert for SSL decryption and some advance L7 features. Does the client need to trust that cert as well?!
Thanks,