Is there a way to modify the onboard certficate validiation duration per profile created or is it strictly a global option (in OnBoard > Certificate Authorities > Local Certificate Authority)?
1) You should never use the default CA in production
2) Return an application enforcement during Onboard pre-auth using the ClearPass:Session-Timeout attribute with a value in seconds (1 month = 2592000). The CA's maximum validity needs to be greater than or equal to any of these returned values.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.