12-22-2016 04:48 PM
Hi eveyrone, I am new to SSL Certifications with Aruba and particularly with the Captive Portal. My customer's Default SSL Cert has expired and we are looking at either a Self Signed Cert or a Cert from a CA. My first question is they my customer has generated a CSR from www.getcert.com. They know have 4 files
1. Private key : guestaccess.com-2016-12-22-120739.pkey
2. Certificate request (.csr): guestaccess.com-2016-12-22-120739.csr
3. Public key(.cer) : guestaccess.com-2016-12-22-120739.cer
4. Entire certificate (pkcs12) : guestaccess.com-2016-12-22-120739.p12.
From here I am a little confused as what to do if they just want to import a self signed certificate to the Virtual Controller. Do i need to combine the private key and the public key? one instruction i read is to rename the .p12 file to .pem and import it. Any suggestions would be extremely helpful. They still may go the more secure route with a public cert but I want to cover both options.
12-22-2016 04:50 PM
12-22-2016 05:12 PM
Thanks yea i have read it several times. It has a link on creating a CSR and using that combined with a Public Signed cert , but I have not been able to find instructions specifically to importing a Self-Signed Certificate and what to do after the CSR has been created. I have 4 files but not sure which or what files to import and/or combine. Hope that makes sense. :)
12-22-2016 05:14 PM
12-22-2016 05:25 PM
Cool thanks, i did see that, however that is for the Public Cert which i understand a bit more about combining the private with a public. I am more hung up on the Self Signed Cert... which unless I am mistaken, is what a CSR is. The Aruba documentation says you can import a Public Cert from a CA or you can import a Self-Signed Cert using a CSR creator. Is that correct?
12-22-2016 05:28 PM
If you're using this cert for guest, you should acquire a public cert otherwise your users will receive a certificate error in their browser when logging in.
12-22-2016 05:36 PM
These are the instructions I received earlier from Aruba support
"Importing a self-signed certification:
You can follow the details given below for getting a SSL certificate loaded to IAP:
Access http://www.getacert.com/ and select “Generate self-signed Certificate”. Then complete your certificate details to create private key, certificate request and public key files.
2. Choose Next Page - Next Page - Submit self-signed Certificate and you will get a page thats says " Your self signed certificate page" and select "Entire certificate (pkcs12) ".
3. By default the key file will be in .cer extension. Rename this file such that it get converted to .pem. For example: arubacert.cer to arubacert.pem
4. Then you go ahead and upload the certificate in the IAP by going to the GUI access of the VC and clicking on " Maintenance-> certificate-> upload ceritifcate-> Captive portal"."
However step 1 and step 2 do not make sense. It says to select the Entire certificate (pkcs12) but this file has a .p12 extension not a .cer.
Anyway I prob have confused you more, I will revist this with Aruba Support.
12-22-2016 05:46 PM
Take the private key file and combine it with the public certificate file and save it with a .pem extension. You should be able to import that.