cancel
Showing results for 
Search instead for 
Did you mean: 

Update Certificate

Update Certificate

Bernd_Gruetzke
New Contributor III

Hi anybody,

I have an external applied radius certificate and the EMC radius certificate is empty.

Is the following procedure all I need to do?

cd /opt/nac/radius/raddb/certs
rm external_server.pemrm external_server.keystore

nacctl restart

What are the risk during this procedure?

 

BR Bernd

 

 

4 REPLIES 4

Bernd_Gruetzke
New Contributor III

Hi Mig,

I found all informations, thank you for helping!

BR Bernd

Miguel-Angel_RO
Valued Contributor II

Bernd,

 

What is the output of “root@controlengine.chjltn.local:$ openssl x509  -text -in /opt/nac/radius/raddb/certs/external_server.pem”?

This has to be compared with the diagnostic view of the nac to be sure.

Mig

Bernd_Gruetzke
New Contributor III

Hi Mig,

the message was in EMC :

39a9997ce67e45be9a43dde012c2a16b_ab8af64d-ff1d-43c1-84d8-ad19b71bdd98.png

I find a solution I thought “https://extremeportal.force.com/ExtrArticleDetail?n=000006216”. I my case there is no entrance for radius:

39a9997ce67e45be9a43dde012c2a16b_19938cc4-cecf-4a44-a152-d6f5ef073e38.png

So I thougth the resoluion is to do only on nac-server like described obove.

BR Bernd

Miguel-Angel_RO
Valued Contributor II

Bernd,

The folder you mention is in the NAC not in the XMC, you are mixing different things and.

Before deleting anything I suggest to describe your request with more details.

 

 

On the other hand, if you do a webview on you access control engine and go to Diagnostics/Certificate Diagnostics you’ll see a detail of the certificates

4fee8386e2cf4c77bd6bb9f526c78bf7_2e17838d-450a-462f-95f6-2af61622cbde.png

On the nac, if you type “root@controlengine.chjltn.local:$ openssl x509  -text -in /opt/nac/radius/raddb/certs/external_server.pem” you’ll have the identification of the certificate and you’ll be able to see where it is used.

 

Mig

GTM-P2G8KFN