When a CSR is created, there is a private key that is also created to pair with the public key that is part of the CSR. That private key should normally be stored in an encrypted format, which requires a password to unlock. "Private Key Password" is referring to that password used to protect the private key.
When you use the utility in ClearPass, or most any device, to create a CSR then the private key is created and stored on the device. You must then take the CSR and get a certificate issued, then you can import that certificate and use the stored private key which ClearPass will then pair together. You must follow that workflow, do not create multiple CSR as the last CSR/private key created is the only one that is valid for import.
------------------------------
Carson Hulcher, ACEX#110
------------------------------
Original Message:
Sent: May 03, 2024 12:49 PM
From: Emerson Arias
Subject: Active Directory Authorization Certificates
Hello community,
I'm a bit new with ClearPass and I'm learning, now I'm stuck with the Authority certificates for the RADIUS service which generates me some doubts more than everything when creating certificate signing request.
ClearPass asks me for Private Key Password which I understand is the password of the certifying entity I am using which in this case is AD CS from Microsoft. The novelty is that when I create the AD CS Role in no instance when configuring the role did I create a private key which generates confusion for me since ClearPass asks me for it.
The Role tells me that it is going to create a new private key but I don't know what it is ? Someone could give me a hand explaining me this detail with AD CS from Microsoft.