Security

Reply
Frequent Contributor II

I created a CSR on Clearpass how can I sign it to be trusted if I don't have internal PKI?

I created a CSR on Clearpass how can I sign it to be trusted if I don't have internal PKI?

Guru Elite

Re: I created a CSR on Clearpass how can I sign it to be trusted if I don't have internal PKI?

Is this for a radius certificate or for the web server certificate?

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Frequent Contributor II

Re: I created a CSR on Clearpass how can I sign it to be trusted if I don't have internal PKI?

Web (Captive portal,Https logins) how to do it

Guru Elite

Re: I created a CSR on Clearpass how can I sign it to be trusted if I don't have internal PKI?

You'll need to have a public CA issue you a cert.

GoDaddy is a cheap option.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Frequent Contributor II

Re: I created a CSR on Clearpass how can I sign it to be trusted if I don't have internal PKI?

thats is for public what if I have windows server how can I do that?

Guru Elite

Re: I created a CSR on Clearpass how can I sign it to be trusted if I don't have internal PKI?

You need to do it with a public CA otherwise all the devices that are connecting to your guest network will get a certificate error.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Frequent Contributor II

Re: I created a CSR on Clearpass how can I sign it to be trusted if I don't have internal PKI?

ok waht if I want to make users use normal HTTP to avoid certfiate error how can I do it?

Moderator

Re: I created a CSR on Clearpass how can I sign it to be trusted if I don't have internal PKI?

another option is to use the CPPM Onboard CA to sign your CSR.

 

Take a look at my PKI 101 doc here......

 

http://support.arubanetworks.com/Documentation/tabid/77/DMXModule/512/Default.aspx?EntryId=7961

 


Best Regards
-d

ClearPass Product Manager

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
Frequent Contributor II

Re: I created a CSR on Clearpass how can I sign it to be trusted if I don't have internal PKI?

Thank you so much but actually I dont have onboard License

 

is there is a solution that I can make users redirect to http to avoid certficate error that appear on browser?

Guru Elite

Re: I created a CSR on Clearpass how can I sign it to be trusted if I don't have internal PKI?

You get 25 enterprise licenses with every ClearPass server which can be used for a combination of Onboard, OnGuard and Guest.

What type of captive portal are you using? Self reg? AD/employee authentication? Accept terms /click through?

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: