Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Import RADIUS Server Certificate Error

This thread has been viewed 0 times

  • 1.  Import RADIUS Server Certificate Error

    Posted Feb 15, 2018 09:27 AM

    We have recently added a new clearpass server to our cluster and are trying to import our radius cert after exporting from our publisher.  Now it is very possible that I have forgotten or did not set the Private Key Password correctly to what I normally use for cert passwords.  I am not convienced this is the issue, however is there any way to recover a Private Key Password via third party tools, etc?

     

    Would there be any other reason that I am getting the below error message when importing my .crt and .pkey files from a our publisher Server?

     

    cperror.png

     

    Thank you in advance for any help you can provide!



  • 2.  RE: Import RADIUS Server Certificate Error

    EMPLOYEE
    Posted Feb 15, 2018 09:28 AM
    Test the private key password via openssl.


  • 3.  RE: Import RADIUS Server Certificate Error

    Posted Feb 15, 2018 10:03 AM

    Thank you Tim.  It looks like that is indeed the issue.  I have tried a number of passwords and none seem to work.

     

    Is it safe to generate a new pkey file via openssl and would this work with the current .crt file?  Please forgive my ignorance in this area.

     

    openssl rsa -des3 -in keyfilename -out newkeyfilename

     

     



  • 4.  RE: Import RADIUS Server Certificate Error

    EMPLOYEE
    Posted Feb 15, 2018 10:09 AM
    No, you would need to get your certificate reissued from the CA with a new private key.


  • 5.  RE: Import RADIUS Server Certificate Error

    Posted Feb 15, 2018 10:16 AM

    Thanks for your help Tim!