Manualshelf

User's Manual

ManualsBrandsDell ManualsComputer equipmentPowerconnect W-ClearPass Hardware Appliances
131132133134135136137138139140
Configuring Trust Settings Manually
1. In the Configure Trust drop-down list:
l If you are using Policy Manager for authentication, leave this option set to Automatically configure
trust settings. The complete trust chain is included in the profile download.
l To change the recommended default setting and configure trust settings manually, choose Manually
configure certificate trust settings . The form expands to include configuration options.
2. If the deployment is not using the built-in CA, you may use the Trusted Server Names text field to enter
the certificate names to accept from the authentication server. Only certificates included in this list will be
trusted. Enter each server name on a separate line. You can use wildcards.
3. In the Trusted Certificates row, the recommended certificate is selected by default. You may click the field
to open the drop-down list and select a different certificate the client should trust. You should include the
root certificate that issued the authentication server’s certificate, and you should provide the certificate for
each authentication server a provisioned device will use.
4. You can use the Upload Certificate options to import additional trusted certificates. Click Choose File to
navigate to the file on your computer, then click Upload. The certificate is imported, and the certificate
name is displayed above the form. You can click the Show certificate link next to the name to view
certificate details. The certificate is also displayed in the Certificate Management list with the type trusted.
5. In the Dynamic Trust row, you should avoid marking the Allow trust exceptions check box – the
network administrator should make all trust decisions. Users will not generally review certificates for
potential issues before accepting them. If you wish to enable trust decisions to be made by the user, you
may unmark the Allow trust exceptions check box. Be aware that this is an insecure configuration, as a
user can override a security warning if a man-in-the-middle attack occurs.
6. In the Android Trust area, use the Trusted Certificate drop-down list to select a certificate the device
should trust. Android supports only a single trusted certificate; this must be the root CA that issued the
authentication server’s certificate. Be aware that if None is selected, 802.1x authentication might not work.
Dell Networking W-ClearPass Guest 6.4 | User Guide Onboard | 137