Reset Search



How To Update NAC Internal Communications, Captive Portal, and RADIUS Server Certificate

« Go Back


TitleHow To Update NAC Internal Communications, Captive Portal, and RADIUS Server Certificate
  • Update NAC Internal Communications Certificate
  • Update NAC Captive Portal Certificate
  • Update NAC RADIUS Server Certificate
  • All NAC platforms
  • Captive Portal
  • 802.1x
  • SSL Certificates
  • NAC Internal Communications
The article assumes that you have already generated a certificate to install. If you have not generated a certificate use the openssl application on the NAC or NetSight to generate a CSR to submit to a CA:
How To Generate A Certificate Signing Request (CSR) On A NAC Appliance

Once you have generated a certificate in NAC Manager:
  1. Click on the "All NAC Appliances" folder
  2. Click on the "NAC Appliances" tab on the right (only shows up if selecting the NAC appliances folder)
  3. Right click on the NAC Appliance you want to install the certificate on and choose "Manage Appliance Certificates"
  4. Click the "Update Certificate" button on which certificate you want to update

Types of Certificates: 
Captive Portal: This certificate is used for HTTPS connections to the captive portal. Wildcard certificates are OK for use
Internal Communications Server Certificate: This certificate is used for encrypted communications between NAC and NetSight. 
Agent-Based Assessment Server Certificate: This certificates is used for secure communications between NAC and the Assessment Agent
RADIUS Server Certificate: This certificate is sent to end-systems for certain types of RADIUS authentication. (EAP-PEAP, EAP-TLS). Wild Card Certificates are NOT OK to use for RADIUS server certificates.

Additional notes
  • In version 6.3 the NAC appliance may not correctly establish NAC Manger connection after the Internal Certificate is changed. If so see this article: 



Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255