07-02-2019 09:45 AM
Someone has told me that you can't use multiple subCA for EAPTLS authentication. Is this true?
Solved! Go to Solution.
07-02-2019 10:23 AM
07-02-2019 10:23 AM
07-02-2019 10:42 AM
To clarify. We have smartphones and laptops, the phones will have a CA1 and Laptops will have CA2, both with the same RootCA. I should be able to import both CAs and the RootCA and have these check which CA is valid for authentication. Correct?
07-02-2019 10:47 AM
Yes.
07-04-2019 02:24 AM
It’s always useful to specify which cert is being discussed. Server cert (in ISE) or client cert (from client). The original post question may have heard/read that ISE only supports a single EAP server cert. that is true. ISE will always identify itself using the one and only EAP server cert. in most cases this is fine. But for customers who have mergers and acquisitions, having more than one server cert in the RADIUS server is handy. Clearpass 6.7 introduced that feature not too long ago.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: