Security

Reply
Occasional Contributor I

Issues installing root cert and profile during Clearpass Onboard process

Good Afternoon,


We recently upgraded to Clearpass 6.6.9 and since then I've had some issues with onboarding iOS devices.  First step is to install the root certificate to my device.  When I click on that to install, it opens a screen that has a bunch of gibberish on it, like it's opening the cert rather than installing it to the device.  This happens for both the root cert and the profile installation.

 

Please see the photo below.

 

 InkedIMG_3939_LI.jpg

Guru Elite

Re: Issues installing root cert and profile during Clearpass Onboard process

You need to bypass the Apple CNA for Onboard.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor I

Re: Issues installing root cert and profile during Clearpass Onboard process

Thanks Tim, 

 

Is there a way to do this without bypassing it for our guest access?  Currently we access the onboarding pages through our guest SSID.  We had some issues with it not redirecting to the guest registration page when using a normal browser, the CNA works much better for that.


Thanks!

Guru Elite

Re: Issues installing root cert and profile during Clearpass Onboard process

Unfortunately, no. The device vendors don’t allow downloads in the captive portal mini-browsers.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Frequent Contributor II

Re: Issues installing root cert and profile during Clearpass Onboard process

Hi Tim,

 

Sorry to hijack the thread.. Is there anything similar to bypass CNA for Android devices or the only option is to manually whitelist the entries android use to test intenret connection?

JayBee
ACDX | ACCX| CCIE (RnS/SP,DC) | ACCP | ACMP | ACSA | ACMA | JNCIS | JNCIA
If the provided solution resolves your issue, please mark it as accepted solution to help others.
Guru Elite

Re: Issues installing root cert and profile during Clearpass Onboard process

The whitelist required for the Onboard process also bypasses the Android captive portal mini-browser.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: