I'm having trouble authenticating against an AD server that has a self-signed CA. I was able to import the cert, but I still fail. I see an "unknown CA" error during the TLS negotiation between the ClearPass and AD server.
Is this a non-starter with ClearPass? And before everyone flags the security (or lack thereof) of using a self-signed cert: we're testing prior to going in production with a true cert.
This is solely between ClearPass and AD. You don't need to do anything to clients.
Since it is a self-signed certificate, upload the AD certificate here:
If it's signed by an internal MS ADCS certificate authority, upload the private root CA.
Thanks Tim.
I have limited access to the server, so I uploaded the cert they said the LDAP server is using in the trust list. It's enabled and trusted.
I still throw an unknown CA error in a Wireshark trace, so that means I was given the wrong cert, or I have a mismatch between cert and DNS name.
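Added example, not part of the thread: a shell check that separates the two causes named in the last post, by comparing the certificate the LDAP server actually presents with the file that was uploaded to the trust list. It assumes LDAPS on port 636 and OpenSSL on an admin host; the function names, file names and host name are illustrative.

```shell
# Added example; names below are illustrative, not ClearPass or AD commands.

# Save the leaf certificate the LDAPS server really presents (needs network).
# usage: fetch_presented dc01.corp.example [636] > presented.pem
fetch_presented() {
  openssl s_client -connect "$1:${2:-636}" -servername "$1" </dev/null 2>/dev/null |
    openssl x509 -outform PEM
}

# SHA-256 fingerprint of a PEM certificate, for a quick by-eye comparison
# between the uploaded file and the presented certificate.
fingerprint() {
  openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

# usage: diagnose UPLOADED_PEM PRESENTED_PEM HOSTNAME
# Prints one verdict: ok | wrong-cert | name-mismatch
diagnose() {
  uploaded=$1; presented=$2; host=$3

  # Step 1: does the presented certificate verify when the uploaded file is
  # the trust anchor? For a self-signed server cert this only passes when the
  # uploaded file is that same certificate; for an ADCS-issued cert it passes
  # when the uploaded file is the issuing root.
  if ! openssl verify -CAfile "$uploaded" "$presented" >/dev/null 2>&1; then
    echo "wrong-cert"
    return 1
  fi

  # Step 2: does the name ClearPass connects to appear in the certificate?
  # -checkhost prints "does match" or "does NOT match".
  if ! openssl x509 -in "$presented" -noout -checkhost "$host" |
       grep -q 'does match'; then
    echo "name-mismatch"
    return 2
  fi

  echo "ok"
}
```

Run `fetch_presented` against the host name configured in the ClearPass authentication source, then pass the saved file to `diagnose` together with the uploaded certificate.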