Security

Hello,

One of our customers will be migrating to the Azure/Intune PKI environment. We have been asked if its possible to create a cert for the Clearpass Server from the Azure/Intune PKI. Has anyone managed to get this to work previously?

Thank you in advance for any contribution. 

Kind regards

Talking about Microsoft Cloud PKI for Microsoft Intune?  That appears to be a PKI setup strictly for managed devices.  Why would ClearPass need a certificate from the Cloud PKI?

Hello,

One of our customers will be migrating to the Azure/Intune PKI environment. We have been asked if its possible to create a cert for the Clearpass Server from the Azure/Intune PKI. Has anyone managed to get this to work previously?

Thank you in advance for any contribution. 

Kind regards

Hi,

That is because this is the Root CA within our customer's deployment. We just need a valid certificate on Clearpass and unfortunately Cloud PKI is what would be the issuer. 

Talking about Microsoft Cloud PKI for Microsoft Intune?  That appears to be a PKI setup strictly for managed devices.  Why would ClearPass need a certificate from the Cloud PKI?

Hello,

One of our customers will be migrating to the Azure/Intune PKI environment. We have been asked if its possible to create a cert for the Clearpass Server from the Azure/Intune PKI. Has anyone managed to get this to work previously?

Thank you in advance for any contribution. 

Kind regards

I'm not seeing any indication that such is possible.  They'll need to use a separate PKI to issue the certificate for ClearPass and then use Intune to make sure that the client devices have the correct trust anchors in place.

Hi,

That is because this is the Root CA within our customer's deployment. We just need a valid certificate on Clearpass and unfortunately Cloud PKI is what would be the issuer. 

Talking about Microsoft Cloud PKI for Microsoft Intune?  That appears to be a PKI setup strictly for managed devices.  Why would ClearPass need a certificate from the Cloud PKI?

Hello,

One of our customers will be migrating to the Azure/Intune PKI environment. We have been asked if its possible to create a cert for the Clearpass Server from the Azure/Intune PKI. Has anyone managed to get this to work previously?

Thank you in advance for any contribution. 

Kind regards

Either buy a certificate from a public CA, or configure ClearPass as a Root CA and issue the needed server certificate from this CA.

Server certificates does not need an Onboard license as the client certificates do

I'm not seeing any indication that such is possible.  They'll need to use a separate PKI to issue the certificate for ClearPass and then use Intune to make sure that the client devices have the correct trust anchors in place.

Hi,

That is because this is the Root CA within our customer's deployment. We just need a valid certificate on Clearpass and unfortunately Cloud PKI is what would be the issuer. 

Talking about Microsoft Cloud PKI for Microsoft Intune?  That appears to be a PKI setup strictly for managed devices.  Why would ClearPass need a certificate from the Cloud PKI?

Hello,

One of our customers will be migrating to the Azure/Intune PKI environment. We have been asked if its possible to create a cert for the Clearpass Server from the Azure/Intune PKI. Has anyone managed to get this to work previously?

Thank you in advance for any contribution. 

Kind regards

Every certificate issued using an Onboard CA requires Onboard licensing to be in place.

Either buy a certificate from a public CA, or configure ClearPass as a Root CA and issue the needed server certificate from this CA.

Server certificates does not need an Onboard license as the client certificates do

I'm not seeing any indication that such is possible.  They'll need to use a separate PKI to issue the certificate for ClearPass and then use Intune to make sure that the client devices have the correct trust anchors in place.

Hi,

That is because this is the Root CA within our customer's deployment. We just need a valid certificate on Clearpass and unfortunately Cloud PKI is what would be the issuer. 

Talking about Microsoft Cloud PKI for Microsoft Intune?  That appears to be a PKI setup strictly for managed devices.  Why would ClearPass need a certificate from the Cloud PKI?

Hello,

One of our customers will be migrating to the Azure/Intune PKI environment. We have been asked if its possible to create a cert for the Clearpass Server from the Azure/Intune PKI. Has anyone managed to get this to work previously?

Thank you in advance for any contribution. 

Kind regards

To my knowledge, only client/device certificates (that have not expired or are revoked), count as one Onboard license per user.

From the documentation: "Onboard license usage is computed based on the number of users with Onboard-generated device certificates."

A server certificate is not supposed to count against Onboard licenses in my experience.

Every certificate issued using an Onboard CA requires Onboard licensing to be in place.

Either buy a certificate from a public CA, or configure ClearPass as a Root CA and issue the needed server certificate from this CA.

Server certificates does not need an Onboard license as the client certificates do

I'm not seeing any indication that such is possible.  They'll need to use a separate PKI to issue the certificate for ClearPass and then use Intune to make sure that the client devices have the correct trust anchors in place.

Hi,

That is because this is the Root CA within our customer's deployment. We just need a valid certificate on Clearpass and unfortunately Cloud PKI is what would be the issuer. 

Talking about Microsoft Cloud PKI for Microsoft Intune?  That appears to be a PKI setup strictly for managed devices.  Why would ClearPass need a certificate from the Cloud PKI?

Hello,

One of our customers will be migrating to the Azure/Intune PKI environment. We have been asked if its possible to create a cert for the Clearpass Server from the Azure/Intune PKI. Has anyone managed to get this to work previously?

Thank you in advance for any contribution. 

Kind regards

I'm not seeing any indication that such is possible.  They'll need to use a separate PKI to issue the certificate for ClearPass and then use Intune to make sure that the client devices have the correct trust anchors in place.

Hi,

That is because this is the Root CA within our customer's deployment. We just need a valid certificate on Clearpass and unfortunately Cloud PKI is what would be the issuer. 

Talking about Microsoft Cloud PKI for Microsoft Intune?  That appears to be a PKI setup strictly for managed devices.  Why would ClearPass need a certificate from the Cloud PKI?

Hello,

One of our customers will be migrating to the Azure/Intune PKI environment. We have been asked if its possible to create a cert for the Clearpass Server from the Azure/Intune PKI. Has anyone managed to get this to work previously?

Thank you in advance for any contribution. 

Kind regards