Security

 View Only
  • 1.  Which ClearPass HTTPS certificate should I choose between ECC and RSA?

    Posted Sep 09, 2024 11:20 PM

    Hi All,

    Which HTTPS certificate type should I use on ClearPass between ECC and RSA?



  • 2.  RE: Which ClearPass HTTPS certificate should I choose between ECC and RSA?

    Posted Sep 10, 2024 02:28 AM

    normally use the RSA and disable the ECC



    ------------------------------
    ACMP ACSP ACCP ACEP ACDP
    ------------------------------



  • 3.  RE: Which ClearPass HTTPS certificate should I choose between ECC and RSA?

    Posted Sep 10, 2024 07:12 AM

    Depends. Is your HTTP certificate elliptical curve or RSA?  ECC is more secure.




  • 4.  RE: Which ClearPass HTTPS certificate should I choose between ECC and RSA?

    Posted Sep 23, 2024 05:47 AM

    ECC is more modern, and can be more secure. The real benefit is that you can have much shorter keys with ECC to get an equivalent security compared to RSA. Also implementing ECC in software or hardware is much more efficient which provides better performance.

    I moved to ECC for my ClearPass years ago, and have not really seen issues. All (somewhat) modern devices tend to support ECC certificates.

    Just make sure that you disable the HTTPS-RSA certificate in ClearPass if you install an ECC certificate. Just one should be enabled, RSA or ECC.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------