View Only
last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

ClearPass IV Connector error

This thread has been viewed 10 times
  • 1.  ClearPass IV Connector error

    Posted Feb 22, 2024 09:38 AM

    Hi Team

    I am getting the below error after I upgrade the CPPM from 6.11 version to 6.12.0 version. Is there anyone have a workaround to remove this error massage?

    Thanks for your consistence! 

  • 2.  RE: ClearPass IV Connector error

    Posted Feb 22, 2024 09:56 AM

    This seems to be something that happens if you disable the HTTPS(ECC) certificate and there are multiple RootCAs with the same name in the Trust store with the same name, like an updated Root CA from your public CA provider. ClearPass can in such a situation select the wrong Root/Intermediate CA.

    Aruba TAC can assist you in this, but I've seen them replace the HTTPS certificate by a self-signed certificate (backup the original first), then remove the old/redundant root and intermediate CAs, then import the certificate again. Not sure if you have the same issue, so it may be advisable to work with TAC. This issue seems to pop up quite recent (but not only on 6.12), so the root cause (like a specific public CA's root change) may become clear in the future.

    Herman Robers
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.

  • 3.  RE: ClearPass IV Connector error

    Posted Feb 23, 2024 02:24 AM


    I had the same problem during one of my 6.11 upgrade.

    It was an Intermediate trusted certificate that was missing (not imported) at rebuild time. Added the missing PEM and the error disappears

    Kind regards

    Christian Chautems