I installed NAC 4.8 with a CAS and CAM a few years back and the customer used godaddy to purchase the SSL Certificates for communication between the CAM and the CAS, recently they recieved this error:
“ NAC Server has an attention warning ”Current end entity certificate has expired.” CCA Server Certificate for X509 certificates. “
The godaddy certificate is expired and when the customer went to godaddy to renew it they were told that godaddy no longer supports thier certificates with private RFC 1913 addresses.
Does anyone know of a CA that will issue a certificate with a private ip address?
Do I need to implement a private CA and generate my own Certs, the customer would rather not do this if it is not required?
Not sure if this is an option but I was thinking if I somehow used DNS to resolve the hostnames and use a FQDN in the certificate?
Just want to know what my options are so I can provide the customer with the best solution, hoping others can provide some advice and their experience?
Thanks,
Mark