Security

Reply
Highlighted
Frequent Contributor I

Comodo Certificates Expiry

Hi, I have been hit by  Comodo AddTrust Root Expiration.

 

The certificate chain has expired - I know very little about certificates and I wondered if anyone could help restoring the comodo certificate chain.

 

I can access clearpass because it not has not expired on browsers.  But the access tracker shows nothing because the trust is gone.

 

Or a work around for it?

 

 

Highlighted
MVP Guru

Re: Comodo Certificates Expiry

If the current certificate is signed by the Root CA (which I suspect it is) you will also need to renew the certificate via Comodo too.

 

You can download the current Root & Intermediate CAs from Comdo for below, these will need to be uploaded to CPPM prior uploading a new certificate.

 

https://support.comodo.com/index.php?/comodo/Knowledgebase/List/Index/75/instantsslenterprisesslintranetssl

 

There is an excellent Tech Note regarding certificates which details how to obtain a CSR, certificate types and the best practices for different CPPM deployments.

 

CPPM - Certificates 101 Technote V1.2.pdf 

 

*EDIT* - Added correct Tech Note link


ACMP, ACSA, ACDX #985
If my post addresses your query, give kudos:)
Highlighted
Frequent Contributor I

Re: Comodo Certificates Expiry

Hello

 

I am afraid that link takes you to the old certificates that have expired. I am confused.

 

 

Highlighted
MVP Guru

Re: Comodo Certificates Expiry

Have you reached out to Comodo then to request the new Root/Intermediate certs? Once you have these certs, Comodo will need to sign your certificate in order for it to be valid.


ACMP, ACSA, ACDX #985
If my post addresses your query, give kudos:)
Highlighted
Frequent Contributor I

Re: Comodo Certificates Expiry

Comodo now known as sectigo, now uses a 3 step certificate chain instead of four.  After the 30th of may the old certificates are no longer valid.

 

Managed to put the three certificates into a new certificate chain and imported it into clearpass.

The subscriber needed a services restart but back to normal again.

 

Browsers and devices usually handle this themselves, but you have to do it manually on clearpass.

I live and learn

Thanks!

 

PS Thanks TAC team 

Highlighted
MVP Guru

Re: Comodo Certificates Expiry

Glad to hear it is sorted!


ACMP, ACSA, ACDX #985
If my post addresses your query, give kudos:)
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: