Deployment Guide
82 | Setting Up a Root Certificate Authority DellNetworking W-ClearPass Guest 6.0 | Deployment Guide
The Name and Description fields are used internally to identify this certificate authority for the network
administrator. These values are never displayed to the user during device provisioning.
Select the appropriate mode for the certificate authority:
l Root CA – The Onboard certificate authority issues its own root certificate. The certificate authority issues
client and server certificates using a local signing certificate, which is an intermediate CA that is subordinate to
the root certificate. Use this option when you do not have an existing public-key infrastructure (PKI), or if you
want to completely separate the certificates issued for Onboard devices from your existing PKI.
Click the Root CA image in the Mode area, then click Continue to proceed to the second step. See "Setting
Up a Root Certificate Authority " on page 82.
l Intermediate CA – The Onboard certificate authority is issued a certificate by an external certificate authority.
The Onboard certificate authority issues client and server certificates using this certificate. Use this option when
you already have a public-key infrastructure (PKI), and would like to include the certificate issued for Onboard
devices in that infrastructure.
Click the Intermediate CA image in the Mode area, then click Continue to proceed to the second step. See
"Setting Up an Intermediate Certificate Authority" on page 84.
Setting Up a Root Certificate Authority
If you already have a certificate and private key for the certificate authority, see "Installing a Certificate Authority’s
Certificate " on page 88.
After you choose Root CA on the Certificate Authority Settings form and click Continue, the Root Certificate
Settings form opens. The Root Certificate Settings form is used to configure the distinguished name and properties
for the certificate authority’s root (self-signed) certificate.