View Only
last person joined: yesterday 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

Linux non domain machine cert based Auth

This thread has been viewed 11 times
  • 1.  Linux non domain machine cert based Auth

    Posted Nov 11, 2021 04:55 AM
    Hi Team,

    We want to have cert based auth for the non-domain Linux machines with CPPM.
    Kindly share the prerequisites and how to import the cert from the AD to the Linux machines.




  • 2.  RE: Linux non domain machine cert based Auth

    Posted Nov 11, 2021 10:31 AM
    If these machines are managed by your company, in an MDM system... use that for it.

    If these are unmanaged devices, using ClearPass Onboard is a good way to get them provisioned with a client certificate.

    Besides that, the requirements are exactly the same as for Windows computers: clients should have a client certificate that is trusted by ClearPass, clients should have the root CA that issued the ClearPass RADIUS certificate installed and trusted for the authentication. Then configure the supplicant for that. How that is done really depends on the Linux distribution (like Fedora, SuSe, CentOS, Ubuntu, etc).

    Herman Robers
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.

  • 3.  RE: Linux non domain machine cert based Auth

    Posted Nov 13, 2021 12:40 AM
    Thank you Herman.