@Bjron : Check this out
What are you planning to achieve. Usually, the MX doesn't need an extra certificate for RADIUS-integration.
We are working / trying to get authentication of users via Google domains, our target is "no one should be allowed to internet /intranet until gets authenticated using email&password (domains hosted on Google)" but we are facing issues. I tried to engage third-party HSNM for this issue, but facing same issues.
Working with HSNM product for Splash page, HSMN support asked us to check if SSL certificates can be imported on Meraki controller in the same way they do with other onsite controller, like aruba, cisco wlc, UBNT unifi, tp-link etc....but in our case Merak controller is cloud based 😞
For which kind of devices do you want to implement this? And how do they connect? As you are first talking about MX appliances, but then you mention other vendors like Cisco WLC, Aruba and also HSNM. Is this in fact about Meraki MR wireless?
I don't know HSNM, but in general, the authenticator (this could be the MX, the AP, or the controller) does not need a certificate for this. The client gets redirected to a cloud page that presents a public certificate to the client which has to be trusted there.
The only place where the authenticator needs a certificate is when you want to build a tunnel to the cloud-provider and this gets authenticated with a certificate.
But as we don't yet know exactly what you are planning, it is all guessing what you need.
Agree with @KarstenI we are using Meraki with Radius and it doesn't require a certificate. The client device will need to accept the radius servers cert though.