User's Guide
What It Is
What's New
Key Features List
ClearBox Enterprise vs ClearBox
System Requirements
Purchasing Licenses
Getting Started
Quick Start
Understanding Server Components
Managing User Accounts
Configuring RADIUS Realms
Realm Settings
Realm Rules
Dynamic Realm Rules
Authentication Protocols Compatibility
Logging Authentication Packets
Logging Discarded Requests
Account Log Files
Realm Settings
Configuring SQL Queries
Private RADIUS Attributes
Regular Expressions Syntax
RADIUS Clients
RADIUS Client Settings
Dynamic Clients Settings
SQL Data Sources
SQL Data Source Settings
LDAP Servers
LDAP Server Settings
Remote RADIUS Servers
Remote RADIUS Server Settings
State Servers
State Server Settings
Meta Configuration
Meta Configuration
Meta Configuration Settings
Meta Base Schema
TLS Settings
Creating SSL Certificates
Creating Server Sertificate
Requesting Server Certificate
Creating Client Certificates
Revoking a Certificate or Renewing CRL
Exporting CA Certificate
Issuing a Certificate in Active Directory CA
Remote Configuration
Advanced ISP Billing Integration
DTH Billing Integration
Platypus Billing System Intergration
OnDO SIP Server Integration
How Do I...
Wi-Fi Security
Wireless Authentication
Wi-Fi and RADIUS
Supported EAP Authentication Types
Security Considerations
10 Tips for Wireless Network Security
Administering the Server
Debug Logs
Using Client Tool
List of Server Errors
Maintaining RADIUS Dictionary
Basic Concepts
Wireless Authentication
Authentication Protocols
RADIUS Attributes
Example of RADIUS Packet Transactions
List of Standard RADIUS Attributes
Technical Support
Purchasing Licenses

ClearBox Enterprise Server 2.0 Online Manual
Prev Page Next Page
ClearBox Enterprise Serverâ„¢ 2.0. User's Guide

Requesting Certificate from a Third-Party CA

In order to provide trusted network security services to wireless clients, ClearBox Server must be able to cryptographically identify itself to clients. To prove its identity to clients, it sends them its digital certificate during the client login procedure. This certificate may be issued by creating your own certificate authority, but if you have already a CA in your organization (like Active Directory Certificate Authority) or want to purchase it from some trusted third-party CA, Certificate Wizard helps you in creating a certificate signing request which is sent to the CA.

In brief, the process goes as following: Certificate Wizard creates two files, a private key (you should store it) and a request containing desired certificate properties and a public key. This request is sent to an appropriate CA. The CA attests your and the server identity, creates your server certificate, signs it and passes back to you. After that Certificates Wizard merges the new certificate and the stored private key and install them as the RADIUS server certificate.

Run Certificates Wizard and select the second option:

Click Next and define server names for the server certificate:


Select the server certificate validity time span. When expired, the certificate should be re-issued or renewed.

Define the password which encrypts the private key. You will be prompted to input this password later on when the new certificate is be received from a CA,

Click Next. Fill in the fields which describe the location of ClearBox Server:


Click Next. You are asked where two files should be saved: the first is the request you have to send to a CA, the second is the private key file you should store for a while:

Click Next. After some time depending on the server machine performance you'll be shown the success message:

Now the certificate signing request is created and ready for passing to a CA.

You may read step-by-step example of issuing a certificate in Active Directory CA here.

After the CA creates the new certificate and signs it, you may proceed with installing it.

Run the wizard and select the third step:

Click Next and specify the location of two files: the first is the new certificate received from the CA (in DER- or Base-64 encoded PEM format), the second is the private key you have stored earlier. Besides, input the private key password:

The default and recommended behavior is to delete temporary files, as they are not needed any longer.

Click Next. The necessary RADIUS server certificate is installed and ready for use. The last step is to select the server certificate in Configurator. Run it, select 'TLS Settings' in the left tree. Click 'Select Certificate...':


Select the created certificate from the list and click OK:


Click 'Apply Changes', click 'Save' on the toolbar and restart ClearBox service.

© 2001-2007 XPerience Technologies.
Converted from CHM to HTML with chm2web Pro 2.7 (unicode)