Radsec established but no certificate

  • 2
  • Question
  • Updated 1 year ago

Hi All,

I'm currently configure a Radsecon aerohive, but i'm facing a Strange issue:

after testing the Redius connection with the Radsec Tools:

exec aaa idm-test radsec-proxy

it's return
the aerohive device establish a TCP connection with the ID Manager auth Gateway successfully

but when i use

show IDM
it tells me
Radsec Certificate state: Not Exist

any help on a config step i've probably missed ?

Thanks in advance for your help,
Best Regards.

Photo of lolovdb


  • 3 Posts
  • 0 Reply Likes

Posted 2 years ago

  • 2
Photo of Roberto Minotti

Roberto Minotti, Employee

  • 51 Posts
  • 5 Reply Likes
Hi lolovdb,

assuming you've all the required ports opened, you need to do a complete push update to the AP.

But, a smart way to avoid inconsistency, is this:

1) Clear the key

clear aaa radius-server-key radsec ca

clear aaa radius-server-key radsec root-ca


2) Upload the new CA 

Upload the new CA: Monitor > Actions > Download CA


3) Complete Upload


4) Reboot


Photo of Marcel Heß

Marcel Heß

  • 27 Posts
  • 4 Reply Likes
Hello Roberto,

thank you for this advice!

This solved my problem.

I have changed the hostname of the HMNG on prem, because it was longer than 32 characters. As a result, the whole guest registration process wasn't working.

Suggestion: Is it possible to insert a comment or a warnning if the hostname enterd in the vapp is longer than 32 characters?

After hours and hours I have found your solution! Great!

Best regards,
Photo of lolovdb


  • 3 Posts
  • 0 Reply Likes
will try this,
thanks a lot for your advice :)