Security

 View Only
  • 1.  IAPVC to Clearpass 6.12 help - unknown CA SSL error

    Posted 15 days ago

    I am trying what I thought was a fairly simple scenario - new CPPM 6.12 in Azure, a 510 AP running 8.12, both configured with certs signed by the same CA, and both intermediate and root CA certs added. I'm trying to get Radsec setup but so far all I get is errors in CPPM / Monitoring / Event Viewer saying:

    TLS connection couldn't connect for Client IP x.x.x.x: and Port 2083 Errors: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca

    Based on a few threads here I checked the IAPVC certs. Iniitally as it made me import the radsec cert as a full chain pem file I hadn;'t added the root and intermediate certs but have since done that as well. The settings for radsec on either end are fairly basic and close to defaults. 

    Any suggestions, or ideally a walk-through for this setup between Aruba wireless and Clearpass for RadSec?



  • 2.  RE: IAPVC to Clearpass 6.12 help - unknown CA SSL error

    Posted 15 days ago

    Did you installed the CA certificate on the IAPVC and configure it to for used for RadSec?



    ------------------------------
    Marcel Koedijk | MVP Expert 2024 | ACEP | ACMP | ACCP | ACDP | Ekahau ECSE | Not an HPE Employee | Opinions are my own
    ------------------------------



  • 3.  RE: IAPVC to Clearpass 6.12 help - unknown CA SSL error

    Posted 15 days ago

    see if this 3x part series on RADSEC helps you.



    ------------------------------
    If my post was useful accept solution and/or give kudos.
    Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
    ------------------------------