Solved

Multiple Control Servers - Certificates

  • 18 November 2019
  • 1 reply
  • 955 views

Userlevel 1

Hello,

If I am deploying multiple Control servers, do I need to have the names of each server added to the SAN of the certs installed on the Control servers?

I am thinking captive portal cert; yes, and RADIUS cert; no?

 

Am I correct?

icon

Best answer by Keene, Scott 20 November 2019, 15:25

Hello,

No you do not. There is no specific requirement for this; you can use SAN certs if you'd like, but typically folks deploy a unique FQDN cert for each NAC appliance (I also answered this in the case you created with GTAC).  I’m not sure what you mean by this:  “I am thinking captive portal cert; yes, and RADIUS cert; no?”  You can use the same FQDN cert on a NAC for RADIUS and Captive Portal   ...just don’t use a ‘wildcard’ cert for RADIUS.

 

Regards,

Scott Keene

NMS/NAC Support - Extreme Networks

 

 

View original

1 reply

Userlevel 4

Hello,

No you do not. There is no specific requirement for this; you can use SAN certs if you'd like, but typically folks deploy a unique FQDN cert for each NAC appliance (I also answered this in the case you created with GTAC).  I’m not sure what you mean by this:  “I am thinking captive portal cert; yes, and RADIUS cert; no?”  You can use the same FQDN cert on a NAC for RADIUS and Captive Portal   ...just don’t use a ‘wildcard’ cert for RADIUS.

 

Regards,

Scott Keene

NMS/NAC Support - Extreme Networks

 

 

Reply