I'm just setting up an eval clearpass 6.2 system and am trying to import a server certificate. I've used this cert provider on loads of servers and they've always gone in just fine. The CN is airwave.york.ac.uk with a SubjectAlternateName of clearpass.york.ac.uk.
I've imported the root cert and both the intermediate certs but when I try and import the server cert I get "Certificate File is not suitable for web server authentication" appearing. Is it something to do with the fact that the CN isn't clearpass.york.ac.uk? Any way round this?
PEM base formt. file extension =.crt
Any news on this?
If you can open it on a Windows Computer, please look to see what it says under the Enhanced Key usage:
I've got a server cert, Using openssl x509 -text -in <autoconnect.crt> -noout I get
X509v3 extensions:X509v3 Authority Key Identifier:keyid:0C:BD:93:68:0C:F3:DE:AB:A3:49:6B:2B:37:57:47:EA:90:E3:B9:E
X509v3 Subject Key Identifier:4B:FF:F1:B9:ED:59:A1:27:A8:2C:36:0F:59:05:E8:FB:2F:35:E4:E6X509v3 Key Usage: criticalDigital Signature, Key EnciphermentX509v3 Basic Constraints: criticalCA:FALSEX509v3 Extended Key Usage:TLS Web Server Authentication, TLS Web Client AuthenticationX509v3 Certificate Policies:Policy: 126.96.36.199.4.1.64188.8.131.52.29Policy: 184.108.40.206.2.1
Cert obtained from JANET Certificate authortity.
Please open a support case. You could have a unique problem.
While getting the CSR from clearpass to be signed by the ADCS, ensure that you have selected "Certificate Template = Web Server" in ADCS.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.