Setting the RADIUS Trustpoint Configuration

About this task

A RADIUS certificate links identity information with a public key enclosed in the certificate. A CA (certificate authority) is a network authority that issues and manages security credentials and public keys for message encryption. The CA signs all digital certificates it issues with its own private key. The corresponding public key is contained within the certificate and is called a CA certificate.

To define a RADIUS Trustpoint configuration, utilize an existing stored trustpoint or launch the certificate manager to create a new one:

Procedure

  1. Select Configuration → Devices → System Profiles from the web UI.

    The Profile screen displays. This screen displays a list of profiles.

  2. Select a profile from those listed.

    The selected profile's configuration menu displays.

  3. Expand the Security menu and select Trustpoints.
    Click to expand in new window
    Security - RADIUS Truspoint screen
    GUID-1E81B0D5-6CA3-4C0A-8D28-1B40D1BC6CDA-low.png
  4. Set the following RADIUS Security certificate settings:
    RADIUS Certificate Authority Either use the default-trustpoint or select the Stored radio button to enable a drop-down menu where an existing certificate can be leveraged. To leverage an existing certificate, select the Launch Manager button.
    RADIUS Server Certificate Either use the default-trustpoint or select the Stored radio button to enable a drop-down menu where an existing certificate/trustpoint can be used. To leverage an existing trustpoint, select the Launch Manager button.
  5. Set the following HTTPS Trustpoints certificate settings:
    HTTPS Trustpoint Either use the default-trustpoint or click Stored to enable a drop-down menu where an existing certificate/trustpoint can be used. To use an existing certificate for this device, click Launch Manager. For more information, see Certificate Management.
  6. Click OK to save the changes made in the RADIUS Trustpoints screen.
    Click Reset to revert to the last saved configuration.