09-30-2014 02:01 PM
I have OS version 220.127.116.11-18.104.22.168_44641 and a couple of IAP 225.
I have added my own CA cert on the Maintenance -> Cettificates tab. It was added ok and can bee seen.
After that I created a server cert which has CN set to the fqdn dns name I connect to (the virtual IAP contoller). For that cert I have tried to both use a non encrypted RSA key as well as an encrypted one. I have concatenanted the key and certfile into one and uploaded it on the certificates tab (plus the key pass phrase). That certificate can also bee seen OK in parallell to the CA certificate that has signed it.
The server cert has these settings:
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Digital Signature, Key Encipherment
X509v3 Basic Constraints:
Netscape Cert Type:
But I cannot track down if the IAP actually cares about the certificate profile at all or if it fails somhere else. Or maybe I am stupid and doing something very wrong.
After that I have also rebooted the IAPs. But still. The IAP presents a factory default certificate for "instant.arubanetworks.com" when connectin to my virtual controller dns name instead of my own certificate.
what is happening here? Some help very much appreciated here....
A follow up question.. How is a certificate removed? Cannot see it is possible in the IAP gui or if logged in through SSH.
Thanks in adance