This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to generate certificates for 802.1x authentication for the access points? Thanks.

How to generate certificates for 802.1x authentication for the access points? Thanks.

Go to solution
dal
New Contributor II

‎08-06-2018 01:26 PM

How do i generate certificate requests for use in 802.1x authentication for the access points, as seen under Configuration -> Network Policy -> Additional Settings -> Secure Port Settings?

I tried to set them up with PEAP, but the radius server recieves messages where the username is set to INVALID for some reason.

So either I have to figure out what causes that, or try to use certificates, which is the way I really want to go.

 

Thanks.

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
samantha_lynn
Esteemed Contributor III

‎08-08-2018 03:25 PM

I'm sorry, I think there is some confusion on how these certs work. You would download the CSR from the HiveManager, import that in to your CA, your CA signs it, and should give you three things: The CA cert file (this is the intermediate and root certs concatenated together), the server cert file (this is the one the CA signs), and the key file. All you would need to do from there is import these in the the HiveManager, the HiveManager doesn't sign these again.

View solution in original post

0 Kudos
14 REPLIES 14

Go to solution
samantha_lynn
Esteemed Contributor III

‎08-20-2018 12:24 PM

Can't say that I've tried with a Windows CA cert, but theoretically you should be able to export the certificate into PFX files to separate out the private key (assuming the CA template you are using allows the private key to be exported). Windows support would probably have better tips for you.

0 Kudos

Go to solution
dal
New Contributor II

‎08-17-2018 06:42 AM

Great, thanks.

Then I only need to figure out how to "extract" a private key file from the sertificate that the Windows CA generates, since it seems that Hivemanager requires a separate private key file.

 

Any tips on how to do that?

 

Thanks.

0 Kudos

Go to solution
samantha_lynn
Esteemed Contributor III

‎08-16-2018 05:35 PM

I'm sorry for the delay getting back to you, we have been looking in to this for you and it looks like Web server would be your best option. Technically speaking, the SSL certs are pretty much the same with the exception of the type of attributes they contain. Radius SSL certs in particular have two authentication attributes that must be included.

0 Kudos

Go to solution
bruce_stahlin
Contributor III

‎08-16-2018 12:42 PM

I see, thank you for the clarification.

0 Kudos
GTM-P2G8KFN