Security

Reply
Occasional Contributor II

ClearPass HTTPS certificate query

Hi community,

 

I have a query regarding HTTPS certificates. 

 

We have a Clearpass cluster that we use to provide Guest internet access. As such one of the interfaces on the Clearpass server is internet facing, with an associated web-login page that guests are redirected to through a captive-portal of the Aruba controller. We also have a public CA signed certificate for this web-login page, all works well and good. We also have an inside interface on the Clearpass appliance that internal users access to create guest accounts. 

 

My query is this, can I use a separate internally signed certificate for the guest creation page accessible via the internal interface, or is only a single HTTPS certificate supported for the appliance. Currently we receive a certificate error for the internal URL as the URL is not referenced as a SAN in the certificate (used for web-login page). I also don't believe our public CA would issue a certificate if the SAN attribute for the internal page was included in the CSR as it would not be DNS resolvable. I couldn't see an obvious way to associate a certificate with the guest creation page that is different from the one used for external access?

 

Thanks in advance.

Guru Elite

Re: Clearpass HTTPS certificate query

Single certificate for HTTPS and single certificate for EAP.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: