Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Import Server Certificate on ClearPass (EAP-TLS authentication)

This thread has been viewed 1 times

  • 1.  Import Server Certificate on ClearPass (EAP-TLS authentication)

    Posted Feb 18, 2015 07:39 AM

    Hello,

     

    I am in the process of setting up ClearPass to act as an EAP-TLS authenticator and for that I need to import the CA certificate into it.

     

    All I have is the .crt file (pem type) provided by my customer, while ClearPass seems to require:

     

    - The actual certificate file

    - The private key file

    - The private key password

     

    Since, I do not have the last two items, please could smebody confirm they are necessary to import the CA certificate? Also, am I correct in saying that the CA should generate those when exporting the certificate?

     

    I searched the 6.4 user guide for this, but found no clarification over those points. Has anyone ever setup ClearPass to authenticate EAP-TLS clients who could shed some light over this?

     

    Many thanks,

     

    Giuseppe/



  • 2.  RE: Import Server Certificate on ClearPass (EAP-TLS authentication)

    EMPLOYEE
    Posted Feb 18, 2015 07:45 AM
    If you don't have the private key, you'll need to do a CSR from ClearPass and sign it with your CA. 


    Thanks, 
    Tim


  • 3.  RE: Import Server Certificate on ClearPass (EAP-TLS authentication)

    Posted Feb 18, 2015 01:11 PM

    A lot of this data is covered in depth in my ClearPass PKI TechNote. Take time to resd this to familiary yourself with all thats is PKI and ClearPass.

     

    Find it here. CPPM - Certificates 101 Technote V1.0 .pdf