Update RADIUS Server Certificate Window
The RADIUS server certificate is the certificate sent to end-systems during certain forms of 802.1X authentication. If the appliance RADIUS server will proxy all 802.1X authentication requests, then certificates are not used. If the appliance RADIUS server can terminate 802.1X authentication requests, then certificates will be used if you are using EAP-TLS, PEAP, or EAP-TTLS authentication. The Update RADIUS Server Certificate window lets you replace the server certificate. You can access this window from the Manage Appliance Certificates window.
During installation, NetSight generates a unique private key and server certificate for the NAC RADIUS server. This certificate provides basic functionality while you are configuring and testing your NAC deployment, but you will want to update to a certificate generated by a Certificate Authority that your connecting end-systems are already configured to trust. This allows you to integrate with the certificate structure you already have on your network. For complete instructions on replacing and verifying the certificate, see How to Update NAC Appliance Server Certificates.
After you have updated the certificate, you must enforce the appliance to deploy the new private key and server certificate. When enforced, the RADIUS server on the appliance will be restarted automatically to load the new certificate.
In addition to updating the RADIUS server certificate, you will need to configure the AAA Trusted Certificate Authorities to designate which client certificates can be trusted. You can do this using the Update AAA Trusted Certificate Authorities window accessed from your Advanced AAA Configuration or the Manage Appliance Certificates window.
- Private Key
  Provide a file containing the RSA or DSA private key that corresponds to the certificate. It must be encoded as a PKCS #8 file. Enter the path name of the file or use the Browse button to navigate to the file. If the file is encrypted with a password, check the password box and supply the password in the field. If you do not have the private key, refer to the instructions for generating one.
- Certificate Files
  Use the Add Files button to add one or more certificate files as provided by the certificate authority. This includes the server certificate, as well as any intermediate or chained certificates. You can multi-select files in the file chooser window, and the files can be added in any order.
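
A pre-upload check for the two inputs described above, added here as an example and not taken from the NetSight documentation: it uses the OpenSSL command line (assumed to be installed) to report whether a key file is PKCS #8, re-encode it if it is not, and confirm that the key corresponds to the server certificate. The function names, file names, and the throwaway key and certificate are constructed for illustration.

```shell
#!/bin/sh
# Added example. File names are placeholders; the key and certificate made in
# demo() are throwaway values constructed for the demonstration.

# Report which PEM container a private key file uses.
key_format() {
  case "$(grep -m1 -e '-----BEGIN' "$1" | tr -d '\r')" in
    '-----BEGIN PRIVATE KEY-----')           echo pkcs8 ;;
    '-----BEGIN ENCRYPTED PRIVATE KEY-----') echo pkcs8-encrypted ;;
    '-----BEGIN RSA PRIVATE KEY-----' | '-----BEGIN DSA PRIVATE KEY-----')
                                             echo traditional ;;
    *)                                       echo unknown ;;
  esac
}

# Re-encode a key as PKCS #8. The output is unencrypted, so it is created
# readable by the owner only; delete it once the upload is done.
to_pkcs8() {
  ( umask 077 && openssl pkcs8 -topk8 -nocrypt -in "$1" -out "$2" )
}

# Succeed only if the private key's public half is the certificate's key.
# Both commands emit the same SubjectPublicKeyInfo PEM when the pair matches.
key_matches_cert() {
  local k c
  k=$(openssl pkey -in "$1" -pubout) || return 1
  c=$(openssl x509 -in "$2" -noout -pubkey) || return 1
  [ -n "$k" ] && [ "$k" = "$c" ]
}

# Exercise the checks on a throwaway key pair and self-signed certificate.
demo() {
  local d; d=$(mktemp -d) || return 1
  openssl genrsa -out "$d/orig.key" 2048 2>/dev/null &&
  openssl genrsa -out "$d/other.key" 2048 2>/dev/null &&
  to_pkcs8 "$d/orig.key" "$d/server.pk8" &&
  openssl req -new -x509 -key "$d/server.pk8" -days 1 \
    -subj "/CN=radius.example.test" -out "$d/server.pem" 2>/dev/null &&
  [ "$(key_format "$d/server.pk8")" = pkcs8 ] &&
  key_matches_cert "$d/server.pk8" "$d/server.pem" &&
  ! key_matches_cert "$d/other.key" "$d/server.pem"
  local rc=$?; rm -rf "$d"; return $rc
}

demo && echo "key is PKCS #8 and matches the certificate"
```

A key reported as `traditional` needs `to_pkcs8` before upload; one reported as `pkcs8-encrypted` is already PKCS #8 and needs its password supplied in the window.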