Certificate Manager considerations
The certificate manager considerations for RadSec implementation are:
RadSec requires a mutually authenticated TLS connection for communication between the switch and RADIUS server.
- For TLS connections, you require:
Certificates with usage
radsec-clientorallorSwitch default certificate,
IDEVID.
The switch must have a CA certificate that issued the RadSec server certificate. The RadSec server must have a CA certificate that issued the switch RadSec application certificate.
EST enrolment is supported for RadSec certificates. For more information, see the Access Security Guide of your switch.