Reset Search
 

 

Article

How to regenerate/remove NAC RADIUS certificates

« Go Back

Information

 
TitleHow to regenerate/remove NAC RADIUS certificates
Objective
How to regenerate/remove NAC RADIUS certificates
Environment
  • NetSight Suite
  • NetSight NAC appliances
Procedure
To regenerate the NAC canned RADIUS certificate:
  1. Open the NAC Manager application
  2. Click on the "All Access Control Engines" (may say "All NAC Appliances" depending on code level)
  3. Click on the "Access Control Engines" tab (May be NAC Appliances" tab depending on code level)
  4. Right click the appliance you want to regenerate the certificate on
  5. Click "Manage Engine Certificates"
  6. Click the "Update Certificate" button next to the RADIUS server certificate
  7. Make sure the top radial button for "Generate a new unique private key and certificate is checked
  8. Click the "OK" button
  9. Click the "Yes" button
  10. Enforce the appliance

The NAC will not use the canned RADIUS server certificate if an external certificate has been applied to the system .To remove the external certificate that was applied:
  1. SSH to the NAC appliance
  2. Change directory to /opt/nac/radius/raddb/certs
    cd /opt/nac/radius/raddb/certs
  3. Remove the external_server.pem and the external_server.keystore
    rm external_server.pem
    rm external_server.keystore
  4. Restart NAC services
    nacctl restart
Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255