This article covers a very specific case when you are importing a certificate and private key pair where the private key does not have a password. It does not explain the certificate types or use cases, certificate and key-file file formats or detail the intricacies of PKI. ClearPass requires certificates in order to operate securely (encrypt/decrypt traffic) and identify itself during RADIUS transactions. The most common certificates you would import are RADIUS, HTTPS and RadSec. There are others but these all require a private key. ClearPass allows you to import the certificate and private key as two separate files (you can also import them as a combined file). It is quite common to receive a private key file that is not protected by a password, whether it be from a public certificate authority or an internal CA service. When you try to import this file pair into ClearPass while leaving the "Private Key Password" field blank you will receive an error: The error states that the Private Key Password must be specified. The problem is there isn't one to be entered, so it can be confusing how you may proceed.
You can get around this error by entering anything (I haven't exhaustively tested every possible entry) into the Private Key Password field. During my first attempt I used "null", which worked. Then I used "asdf" which also worked. A simple, single character entry also appeared to work fine.
Comments
|
WifiHaxWe build and optimise networks. Continuous learning is our secret to being good. Along the learning journey we will share things here... Archives
November 2022
Categories
All
|