Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

EAP-TLS Unknown CA

This thread has been viewed 11 times

  • 1.  EAP-TLS Unknown CA

    Posted Feb 26, 2016 08:09 AM

    Hi,

     

    We are using Instant APs, SSID auth is configured as .1x with CPPM.

    On CPPM there is a Service with EAP-TLS.

    Laptops which must use the SSID have machine certificates issued by Corporate CA.

    We generated Server Certificate for CPPM and uploaded the Chain onto CPPM.

    Authentication fails, we receive the following error:

    EAP-TLS: fatal alert by server - unknown ca

    error in establishing tls session

     

    Please advise !



  • 2.  RE: EAP-TLS Unknown CA

    EMPLOYEE
    Posted Feb 26, 2016 08:11 AM
    Make sure the root CA is installed on the client. 

    Sent from Nine


  • 3.  RE: EAP-TLS Unknown CA

    Posted Feb 26, 2016 08:20 AM

    it is



  • 4.  RE: EAP-TLS Unknown CA

    Posted Mar 05, 2016 09:42 AM

    check if you do termination on the IAP, you shouldn't.

     

    also check if your client settings are correct for which CA should be trusted.