ArubaOS and Controllers

Reply
Highlighted
Moderator
Posts: 245
Registered: ‎09-12-2007

Factory default SSL certificate expiring soon

If you are using the factory default SSL certificate "securelogin.arubanetworks.com", please be advised that the certificate is expiring in June. The attached document gives more information and lets you know what your options are.

-Jon
---
Jon Green, ACMX, CISSP
Security Guy
Contributor II
Posts: 40
Registered: ‎03-05-2010

Re: Factory default SSL certificate expiring soon

Thanks for the info, good to know :cool:
New Contributor
Posts: 1
Registered: ‎02-25-2011

Does a new custom certificate need to be replaced when hardware is replaced?

We are planning to replace the factory certificate with one obtained from a CA for each of our controllers before the 29 June 2011 expiration.

With a custom certificate key pair in use, after we replace hardware (controllers) in the future...will the existing key pair work, or would a new Certificate Signing Request have to be submitted to a CA and new key pair installed? The controllers being replaced would re-use the IP address and system name (Common Name) as before.
Thanks in advance
Contributor I
Posts: 20
Registered: ‎06-23-2011

securelogin.arubanetworks.com to some other?

Hi all.

How do I change the controllers DNS address if I what to use another certificate?

Here is the full story: If I make certificate request and create certificate based on that and upload it to controller and set it as default certificate for captive portal, controller will automatically change dns name from securelogin.arubanetworks.com to my new cn on my new cert like mylogin.mycompany.com. But if I upload my cert using PCKS12 it wont update my DNS automatically. Where can I change that?

Thanks,

- J2R2
Guru Elite
Posts: 21,288
Registered: ‎03-29-2007

Re: Factory default SSL certificate expiring soon

Please open a TAC case about this. When doing Captive Portal, it should change the name.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I
Posts: 20
Registered: ‎06-23-2011

Re: Factory default SSL certificate expiring soon

Sorry about the last post, it works fine just had problem AP going to master that didn't had that cert installed.

But now another question, I have used Godaddy and Geotrust certs and both gives SSL error when using captive portal, so the question is that where can I upload intermediate certificate to controller and use it? Or does anyone know where to get cheap cert that JUST works and can be applied to multiple servers?

- J2
Contributor I
Posts: 76
Registered: ‎05-14-2009

can't use the same PEM file

guys i ran into this issue when replacing the certificates. i generated the CSR and got the pem file import without issue. then i use the same pem file for other controllers. It got reject with error message saying private key not match. This is going to be an hassle since we bought the certificate. We can't same the same csr for all controller. Is there anyway to export the pem file from the working controller and import to other controllers?
Guru Elite
Posts: 21,288
Registered: ‎03-29-2007

Re: Factory default SSL certificate expiring soon

Most certificate authorities prohibit this - https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=SO10114&actp=search&viewlocale=en_US&searchid=1310081819429


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I
Posts: 76
Registered: ‎05-14-2009

So its possible?

Thanks Colin!

Not recommend but possible right?
New Contributor
Posts: 2
Registered: ‎07-28-2011

problem after installing self generated cert

Has anybody successfully implemented new cert into the controllers? I did mine and applied it to 802.1x authentication but my users still cannot authenticate. anybody got any ideas on how to do it? :confused:
Search Airheads
Showing results for 
Search instead for 
Did you mean: