Security

last person joined: 20 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

CPPM RADIUS cert

This thread has been viewed 8 times

  • 1.  CPPM RADIUS cert

    Posted Jul 05, 2016 04:17 AM

    I have a CPPM where the HTTPS certificate is still valid for the next year, but the RADIUS cert is about to expire. This device is only used for guest users connecting from Instants and Controllers. Will this expired cert cause an issue or is it only the HTTPS certificate expiring that will give the users an error?



  • 2.  RE: CPPM RADIUS cert
    Best Answer

    EMPLOYEE
    Posted Jul 05, 2016 04:56 AM
    If the cert expires the radius service will stop processing requests. You can just issue a self signed cert and install it on the radius.


  • 3.  RE: CPPM RADIUS cert

    Posted Jul 13, 2016 04:00 AM

    I have iinstalled a self-signed cert which worked fine, although there was a delay in reporting that the new one was installed and was not due to expire. This was cleared after the clean-up interval.

    Thanks for all the help.



  • 4.  RE: CPPM RADIUS cert

    Posted Jul 05, 2016 07:11 AM

    When the HTTPS certificate expires, users will receive an error when browsing to the URL. The HTTPS certificate will not impact authentication in any way. 



  • 5.  RE: CPPM RADIUS cert

    EMPLOYEE
    Posted Jul 06, 2016 03:33 AM

    The RADIUS certificate is only used in EAP authentication transactions, not for captive portal which typically uses PAP or CHAP for the authentication.

     

    Good catch by Troy on the RADIUS server terminating. Putting the same certificate as you have for HTTPS as your RADIUS certificate may solve that as well, if you don't feel comfortable putting a self-signed cert as your RADIUS cert.