Security

last person joined: 19 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

CN failure on certificate "name$"

This thread has been viewed 5 times

  • 1.  CN failure on certificate "name$"

    Posted Dec 03, 2015 01:43 PM

    I'm getting a CN failure in CP using EAP-TLS. The Certificate is failing b/c name is being returned as name$. if I use "Strip Username Rules" can i strip that character off when configuring the service? The User Manual just does not explain it well.

    what is format if doable? Or even better send me a more detailed faq



  • 2.  RE: CN failure on certificate "name$"

    EMPLOYEE
    Posted Dec 03, 2015 01:45 PM

    name$ is valid for machine account.

     

    Are you using Onboard or ADCS?

    Can you post a screenshot of the error?

    Are you doing cert authorization or just authentication?



  • 3.  RE: CN failure on certificate "name$"

    Posted Dec 03, 2015 01:52 PM
    2015-11-30 09:09:48,688 [Th 1 Req 3124 SessId R00000226-01-565c58ac] INFO RadiusServer.Radius - rlm_eap_tls: Certificate CN (Computers) does not match specified value (DFC-HP$)


    No onboard. Just authentication at this point


  • 4.  RE: CN failure on certificate "name$"

    EMPLOYEE
    Posted Dec 03, 2015 02:14 PM

    Where is the certificate issued from?

     

    Please try creating a new EAP-TLS authentication method and unchecking authorization required, add it to your service and test authentication again.

     

    eap-tls-noauthz.PNG