06-05-2019 09:46 AM
I need to allow limited access to users which have expired certificates issued by corporate AD CA with Clearpass 6.8. My first try was to check error code clearpass returns, but suddenly the error number was not expected 212 (client certificate expired) but 215 (tls session error). My next idea was to check certificate "not-valid-after" field if its lower than "now" but it happens, that I need to specify precise date in such rule.
Is there any other ideas how I can allow access for such users using EAP-TLS?
Solved! Go to Solution.
06-05-2019 09:49 AM
Re: CPPM, EAP-TLS and expired user certificate
06-07-2019 12:05 AM
Thank you, Tim.
https://community.arubanetworks.com/t5/Security/Handling-certificate-expiration/td-p/93548 helped me with catching user before certificate expiration.