Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Certs revoked despite being still valid?

This thread has been viewed 0 times

  • 1.  Certs revoked despite being still valid?

    Posted Nov 29, 2016 11:56 PM

    We have a lot of devices suddenlty being revoked despite stillhaving valid certs, and not in breach of our "last seen on network" period.

     

    How do I find out when the device was last seen, or any more info on why the cert has been revoked??

     

    Issued To:Revoked At:Revoked:Valid From:Valid To:

    user
    auser
    revoked at
    Thursday, 24 November 2016, 3:00 AM
    revoked
    This certificate has been revoked.
    valid fromFriday, 06 May 2016, 11:44 AM
    valid toWednesday, 05 May 2021, 12:14 PM

    Certificate Status revoked
    EAP-TLS: fatal alert by server - certificate_unknown
    eap-tls: Error in establishing TLS session



  • 2.  RE: Certs revoked despite being still valid?

    EMPLOYEE
    Posted Nov 30, 2016 12:01 AM
    Do you have the inactivity period option enabled in the provisioning profile?


  • 3.  RE: Certs revoked despite being still valid?

    Posted Nov 30, 2016 12:03 AM

    Yes, but this period is set to 60 days, and I know these devices get used daily.. How can I see when they were last seen, or find out more or why the cert has been revoked?  

     

    We have started seeing a lot of devices in this state, and ones I know do get used on a regular basis...

     

    Thanks



  • 4.  RE: Certs revoked despite being still valid?

    EMPLOYEE
    Posted Nov 30, 2016 09:11 AM

    In CPG, do you see anything in the Application Log when you search "revoke"? (Administration > Support > Application Log)