Search…
RADIUSaaS V2
Welcome
Details
Configuration
Getting Started
Access Point Setup
Server Certificate Renewal
Admin Portal
🆕
Insights
Users
Settings
Server Settings
Ports & IP Addresses
Certificates
Authentication Certificates
RADIUS Proxy
Permissions
🆕
Rules
Profile Deployment
Microsoft Intune
Jamf
Other
RADIUSaaS V1 to V2 Migration
Troubleshooting
FAQ
Licensing
Support & Service Level
RADIUSaaS Website
Powered By GitBook
Certificates
On your Server Settings page there are two tables with certificate information. Both tables will contain at least one certificate to ensure a normal operation of your systems.

List of all available Server Certificates

The first table shows all available certificates your RADIUS server is able to use.

List of allowed RadSec Connection Certificates

The second table contains all certificates that are allowed to establish a RadSec connection.

Server Certificates

Default Certificate

The certificate which will be created automatically during set up of your RADIUSaaS instance is a self-signed end user certificate.

Custom CAs

A custom CA or your own bought certificate is required if you are planning to authenticate Android devices.
In some cases, you might be required to create your own custom CA. For example, Android devices (version > Android 9) will not allow to install a end user certificate as trusted CA. So you need a CA certificate. To achieve this you're able to create your own CA in with your instance.
To create your custom CA, follow these simple steps:
  1. 1.
    Click Add
  2. 2.
    Choose Create your own CA
  3. 3.
    Click on Create
After the creation, you will see a new certificate available in your table:

Bring your own Certificate

In case you do not want to use any of the standard certificates which we are providing you can upload up to two of your own certificates.
  1. 1.
    Click Add
  2. 2.
    Choose PEM encoded Certificate
  3. 3.
    Copy & Paste your certificate or use the Browse File option
  4. 4.
    Enter the password of your Private Key
  5. 5.
    Click Save

Certificate Activation

As certificates expire from time to time or your preference on which certificates you would like to use change, it is important that you can control the certificate that your server is using. The Active column shows you the certificate your server is currently using. To change the certificate your server is using, expand the row of the certificate you would like to choose and click Activate.

Download

To download your Server Certificate click Download in the corresponding row.

RadSec Connection Certificates

RadSec itself works with certificate authentication as well. Hence, your RADIUS server has to know who is allowed to establish a valid RadSec connection. Due to this requirement, you will always see at least one certificate in this table, which is the one related to your RadSec proxy. To ensure that your proxies are able to start up properly and are able to establish a connection to your instance, you cannot delete it.

Add a new Certificate

To allow new clients to establish a RadSec connection to your instance, follow these steps:
  1. 1.
    Click Add
  2. 2.
    Copy & Paste your certificate or use the Browse File option
  3. 3.
    Click Save
After this you should see your imported certificate in your table.

Delete

To delete a certificate, expand the corresponding row, click Delete and confirm your choice.

Certificate expiration

Certificates will expire from time to time. Five months before your certificate is going to be expired, you dashboard will give you a hint that your certificate is about to expire.
If you're seeing this triangle, follow this guide how you can change your certificate:
Previous
Ports & IP Addresses
Next
Authentication Certificates
Last modified 1mo ago
Export as PDF
Copy link
Edit on GitHub
Contents
Server Certificates
Default Certificate
Custom CAs
Bring your own Certificate
Certificate Activation
Download
RadSec Connection Certificates
Add a new Certificate
Delete
Certificate expiration