Posted on 2014-11-24
I have Aruba clearPass server that I am having a certificate problem with. It will not allow users with Windows 8.1 devices to authenticate to the wireless network.
I found the following resoluction but I am not sure how to accomplish this:
" You must deploy a private CA rather than obtain server certificates from a third party public CA. In addition, the certificate template that you use to issue the certificates must contain the RADIUS EKU extension. This extension is id-kp-eapOverLAN and the object identifier (OID) for this EKU is 220.127.116.11.18.104.22.168.14. This EKU extension can only be configured on a private CA and is used by Windows 8 to determine whether a private CA issued the certificate"
I created a new CSR from the ClearPass server and tried to sign it with our internal CA server but signing process faile with this error " the certificate requested template does not have a valid extension.
Any thoughts and what I am doing wrong?