4-49
Configuring the RADIUS Server—Integrated with ProCurve Identity Driven Manager
Manage Digital Certificates for RADIUS
You must complete these tasks by accessing the root command line for the
NAC 800’s OS:
1.
Open a console or SSH session with the NAC 800.
2.
Log in:
•
username =
root
•
password =
<
root password
>
Install the CA Root Certificate on the NAC 800
The NAC 800 must have the CA root certificate for the CA that signed its server
certificate. If supplicants authenticate with certificates (the EAP method is
EAP-TLS or, less commonly, PEAP or EAP-TTLS with an inner method that
requires certificates), the NAC 800 also uses this CA certificate to verify the
supplicants’ certificates.
Follow these steps to install the CA certificate on the NAC 800:
1.
Obtain the CA certificate from your CA.
Your CA should instruct you how to complete this step.
The certificate must be in PEM format. (See step 4 on page 4-50 for
instructions on converting a DER or PFX certificate to PEM format.)
2.
Transfer the CA certificate to the NAC 800.
If you have installed PSCP on your management station, you can follow
these steps:
a.
Save the CA certificate to your management station.
b.
Access the command prompt on your management station and move
to the directory in which PSCP is installed.
c.
Enter this command:
For example:
pscp myCA.pem [email protected]://etc/raddb/certs/demoCa/
cacert.pem
Syntax:
pscp <
path\filename
> root@<
NAC 800 IP address
>://etc/raddb/certs/
demoCA/cacert.pem
Replace
<path\filename>
with the directory path and filename
for the CA certificate.
Summary of Contents for 800
Page 1: ...Configuration Guide www procurve com ProCurve Network Access Controller 800 ...
Page 2: ......
Page 3: ...ProCurve Network Access Controller 800 Configuration Guide April 2008 1 0 30398 ...
Page 74: ...1 62 Overview of the ProCurve NAC 800 Deployment Methods ...
Page 155: ...3 27 Initial Setup of the ProCurve NAC 800 System Settings ...
Page 194: ...3 66 Initial Setup of the ProCurve NAC 800 Digital Certificates ...
Page 336: ...6 8 Disabling Endpoint Integrity Testing Overview ...
Page 354: ...7 18 Redundancy and Backup for RADIUS Services Back Up Your NAC 800 Configuration ...
Page 380: ...A 26 Appendix A Glossary ...
Page 394: ...B 14 Appendix B Linux Commands Service Commands ...
Page 405: ......