During Onboard deployment testing or a user bringing a new device to the network, we may want to delete the old device/client certificates from ClearPass.
As a network Admin you would do that manually, however you would want an automatic way to do that.
So the question arises, how to delete old certificates from previous enrollments of a device automatically on ClearPass.
In ClearPass 6.5 onwards, we have a new checkbox under Onboard provisioning settings. If checked then old certificates from previous enrollments of a device will be automatically deleted.
In order to configure this setting please navigate to CPPM > Guest > Onboard > Deployment and Provisioning > Provisioning Settings > Select the provisioning profile > click edit > General tab > navigate to "Action" section
We also have option to add a deletion delay. This will make sure that any duplicate certificates will be deleted after the specified number of days have passed, since device re-enrollment.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.