During installation, Access Control generates a unique private key and server
certificate for the NAC Manager RADIUS server. This certificate provides basic
functionality while you are configuring and testing your NAC Manager
deployment. To integrate with the certificate structure you already have on your
network, update to a certificate generated by a Certificate Authority that your
connecting end-systems are already configured to trust.

Update RADIUS Server Certificate Window

The RADIUS server certificate is the certificate sent to end-systems during
certain forms of 802.1X authentication. If the appliance RADIUS server will proxy
all 802.1X authentication requests, then certificates are not used. If the appliance
RADIUS server can terminate 802.1X authentication requests, then certificates
will be used if you are using EAP-TLS, PEAP, or EAP-TTLS authentication. The
Update RADIUS Server Certificate window in NAC Manager lets you replace the
server certificate.

Refer to hep topic How to Update Access Control Engine Server Certificates in Extreme Management Center (Legacy) in the EMC NAC Manager User Guide.

In addition, to configure the AAA Trusted Certificate Authorities to designate
which client certificates can be trusted see the Update AAA Trusted Certificate Authorities Window help topic.