Overriding RADIUS Trustpoint Configuration

About this task

A RADIUS certificate links identity information with a public key enclosed in the certificate. A CA (certificate authority) is a network authority that issues and manages security credentials and public keys for message encryption. The CA signs all digital certificates it issues with its own private key. The corresponding public key is contained within the certificate and is called a CA certificate.

To define a RADIUS Trustpoint configuration, utilize an existing stored trustpoint or launch the certificate manager to create a new one:

Procedure

Select Configuration → Devices from the web UI.
The Device Configuration screen displays a list of managed devices or peer controllers, service platforms, or access points.
Select a target device in the lower left-hand side of the UI.
You can also select a target device by double-clicking it in the list in the Device Configuration screen.
Select Profile Overrides → Security.
Select Trustpoints.

Profile Overrides - Trustpoints Screen

Set the following RADIUS Security certificate settings:


RADIUS Certificate Authority	Either use the default-trustpoint or click Stored to enable a drop-down menu where an existing certificate can be used. To make use of an existing certificate, click Launch Manager.
RADIUS Server Certificate	Either use the default-trustpoint or click Stored to enable a drop-down menu where an existing certificate/trustpoint can be used. To make use of an existing trustpoint, click Launch Manager.

Set the following HTTPS Trustpoints certificate settings:


HTTPS Trustpoint	Either use the default-trustpoint or click Stored to enable a drop-down menu where an existing certificate/trustpoint can be used. To use an existing certificate for this device, click Launch Manager. For more information, see Certificate Management.

Click OK to save the changes made in the RADIUS Trustpoints screen.
Click Reset to revert to the last saved configuration.