Security

 View Only
last person joined: 3 days ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

EAP-TLS: fatal alert by server - certificate expired

This thread has been viewed 16 times
  • 1.  EAP-TLS: fatal alert by server - certificate expired

    Posted May 08, 2024 05:49 AM
      |   view attached

    We are getting certificate expired alert for few clients , We have a valid certificate in the cppm trust list. Can anyone help on this issue.

    RADIUS EAP-TLS: fatal alert by server - certificate_expired
    TLS Handshake failed in SSL_read with error:14089086:SSL routines:ssl3_get_client_certificate:certificate verify failed
    eap-tls: Error in establishing TLS session


  • 2.  RE: EAP-TLS: fatal alert by server - certificate expired

    EMPLOYEE
    Posted May 08, 2024 09:46 AM

    Check the certificate used by the client device, check the trust store for the relevant intermediate(s) and root.



    ------------------------------
    Carson Hulcher, ACEX#110
    ------------------------------



  • 3.  RE: EAP-TLS: fatal alert by server - certificate expired

    Posted May 27, 2024 08:55 AM

    Hello Mithran,

    I'm with the same problem, my ClearPass is with firmware 6.11.7, what version your CP is using?

    In my case the endpoints are receveing rejects and after some minutes the same endpoint receive accept without any changes.

    Let me know if you can resolve this problem, please.

    Regards,




  • 4.  RE: EAP-TLS: fatal alert by server - certificate expired

    Posted May 28, 2024 01:15 AM

    Check whether several certificates are available in the client.



    ------------------------------
    Regards,

    Waldemar
    ACCX # 1377, ACEP, ACX - Network Security
    If you find my answer useful, consider giving kudos and/or mark as solution
    ------------------------------