Manualshelf

User's Manual

ManualsBrandsDell ManualsComputer equipmentPowerconnect W-ClearPass Hardware Appliances
919293949596979899100
A workaround for this issue is to install an appropriate root certificate on the iOS device. This root certificate
must be the Web server’s SSL certificate (if it is a self-signed certificate), or the certificate authority that issued
the SSL certificate. This is not recommended for production deployments as it increases the complexity of
deployment for users with iOS devices.
Hostname-to-Certificate Match Failures
Symptom: Device provisioning fails with the message "Onboard provisioning cannot be performed at this
address. If your were directed here, please contact a network administrator."
This occurs if the hostname used to access CPPM does not match the hostname configured in the CPPM server
certificate. These items must match or device provisioning will fail. This error is detected by Onboard and
results in the above message.
Resolution: To correct the problem, ensure that the DNS is correctly configured for the server, ensure that the
hostname is correctly set, and ensure that the server's certificate contains the correct hostname.
Onboard Interface Not Displayed
If Onboard is not visible in the ClearPass Guest user interface, verify whether Public Facing Enterprise (PFE)
mode is set in ClearPass Policy Manager. If PFE mode is enabled, Onboard is not permitted and Onboard
licenses cannot be added. The PFE mode is enabled or disabled in CPPM on the Mode tab at Administration
> Server Manager > Server Configuration > Cluster-Wide Parameters.
Certificate Renewal through OS X Mavericks
OS X Mavericks allows users to renew certificates automatically, and provides a notice and an Update link in the
Mavericks Profile fifteen days before a certificate expires. Onboard supports certificate renewal through OS X
Mavericks. However, only local certificates can be renewed; ADCS is not supported. Also, certificates that have
been revoked cannot be renewed.
Certificate Authorities
You can create and manage multiple certificate authorities for Onboard. To view and work with the list of
certificate authorities and to configure new certificate authorities, go to Onboard >Certificate Authorities.
The Certificate Authorities list view opens. All certificate authorities that have been set up are included in the
list. Information shown for each certificate authority includes its name, mode, status, expiration time, and
OCSP URL.
You can click a certificate authority's row in the list for additional options:
l To view details for a certificate authority, click its Show Details link. The form expands to show a summary
of the settings defined for it, including information for certificate issuing, retention policy, identity, private
key, and self-signed certificate.
l To edit any of a certificate authority's attributes and configure certificate issuing options, click its Edit link.
The Certificate Authority Settings form opens. See "Editing Certificate Authority Settings" on page 101.
Dell Networking W-ClearPass Guest 6.4 | User Guide Onboard | 97