Wireless Access

 View Only
last person joined: yesterday 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

ClearPass Manage certificate expired

This thread has been viewed 22 times
  • 1.  ClearPass Manage certificate expired

    Posted Sep 20, 2022 12:58 AM
    I am getting the following error message regarding certificate expiry on my Clear Pass Manager.
    How do i get it renewed ?


  • 2.  RE: ClearPass Manage certificate expired

    Posted Sep 20, 2022 11:42 AM
    Is the HTTPS certificate self-signed or is it one you acquired/installed signed by internal or public CA?

    Screenshot of the Administration > Certificates > Certificate Store > HTTPS Server Certificate
    would be helpful if you can provide

    ------------------------------
    ACNSA | ACEA | ACCP | ACMP
    ------------------------------



  • 3.  RE: ClearPass Manage certificate expired

    Posted Sep 20, 2022 08:33 PM
    looks like self signed cert



  • 4.  RE: ClearPass Manage certificate expired

    EMPLOYEE
    Posted Sep 21, 2022 01:37 AM
    You can create new self-signed certificates from the Certificate Store (CPPM: Administration --> Certificates --> Certificate Store).

    If you are not using RadSec then you can generate a self signed certificate for that also to remove the alert about the expired certificate.

    Best practice for the https certificate is to use one trusted by the clients that are going to interact with the https server. For guest captive portal this would be a public CA signed certificate. If you are not using captive portal then an internally signed (Windows CA for example) certificate would be sufficient.


  • 5.  RE: ClearPass Manage certificate expired

    Posted Sep 21, 2022 02:41 AM
    The RadSec cert is also expired.
    do i do the same to renew the cert ?


  • 6.  RE: ClearPass Manage certificate expired

    Posted Sep 21, 2022 03:15 AM
    Are you using it? if not, you can renew it the same way, or leave it like it is, it does not impact production

    if you are using it, your devices (switches/controllers) will need to communicate with clearpass using the certificate, so the certificate should be trusted etc on these devices


    ------------------------------
    Thomas
    ------------------------------



  • 7.  RE: ClearPass Manage certificate expired

    EMPLOYEE
    Posted Sep 21, 2022 03:16 AM
    Best practice for RadSec is to use a CA signed certificate. But if you are not using Radsec then a self-signed certificate will be fine.