You can only import a new certificate once for a request that was generated on the ClearPass server. For that reason, I tend to use an external system so generate the CSR and request the certificate, then import the key + cert into ClearPass.
But there is no problem as you can export the certificate that you imported sucessfully, you will get a .p12 file (remember the password); then you can import that for another function in ClearPass or to another server.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your HPE Aruba Networking partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact HPE Aruba Networking TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or HPE Aruba Networking.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Mar 16, 2026 11:37 AM
From: cnoga@waterfrontoronto.ca
Subject: ClearPass - Radius and HTTPS(RSA) - Can share same Certificate ?
Hi Everyone,
Recently I renewed our expired Radius Server Cert in ClearPass to resolve issues of clients not connecting. I forgot to update the HTTPS (RSA) cert as well. Previously, I believed it used
the same cert as for Radius. Now, when trying to upload the newest Radius cert for use with HTTPS (RSA), ClearPass says 'Private Key Not Found On This System' - See attached.
I've compared the serial numbers of the new (installed) Radius cert and the one I'm uploading and they match. Is it possible ClearPass only lets you match up one instance of a cert with
its private key? In this case, my upload of the new Radius cert would have 'claimed' the private key stored already from the Certificate Signing Request?
Appreciate any help you can provide.
Thanks!
-------------------------------------------