ArubaOS and Controllers

Reply
Moderator

Factory default SSL certificate expiring soon

If you are using the factory default SSL certificate "securelogin.arubanetworks.com", please be advised that the certificate is expiring in June. The attached document gives more information and lets you know what your options are.

-Jon
---
Jon Green, ACMX, CISSP
Security Guy
Contributor II

Re: Factory default SSL certificate expiring soon

Thanks for the info, good to know :cool:
New Contributor

Does a new custom certificate need to be replaced when hardware is replaced?

We are planning to replace the factory certificate with one obtained from a CA for each of our controllers before the 29 June 2011 expiration.

With a custom certificate key pair in use, after we replace hardware (controllers) in the future...will the existing key pair work, or would a new Certificate Signing Request have to be submitted to a CA and new key pair installed? The controllers being replaced would re-use the IP address and system name (Common Name) as before.
Thanks in advance
Contributor I

securelogin.arubanetworks.com to some other?

Hi all.

How do I change the controllers DNS address if I what to use another certificate?

Here is the full story: If I make certificate request and create certificate based on that and upload it to controller and set it as default certificate for captive portal, controller will automatically change dns name from securelogin.arubanetworks.com to my new cn on my new cert like mylogin.mycompany.com. But if I upload my cert using PCKS12 it wont update my DNS automatically. Where can I change that?

Thanks,

- J2R2
Guru Elite

Re: Factory default SSL certificate expiring soon

Please open a TAC case about this. When doing Captive Portal, it should change the name.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I

Re: Factory default SSL certificate expiring soon

Sorry about the last post, it works fine just had problem AP going to master that didn't had that cert installed.

But now another question, I have used Godaddy and Geotrust certs and both gives SSL error when using captive portal, so the question is that where can I upload intermediate certificate to controller and use it? Or does anyone know where to get cheap cert that JUST works and can be applied to multiple servers?

- J2
Contributor I

can't use the same PEM file

guys i ran into this issue when replacing the certificates. i generated the CSR and got the pem file import without issue. then i use the same pem file for other controllers. It got reject with error message saying private key not match. This is going to be an hassle since we bought the certificate. We can't same the same csr for all controller. Is there anyway to export the pem file from the working controller and import to other controllers?
Guru Elite

Re: Factory default SSL certificate expiring soon

Most certificate authorities prohibit this - https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=SO10114&actp=search&viewlocale=en_US&searchid=1310081819429


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I

So its possible?

Thanks Colin!

Not recommend but possible right?
New Contributor

problem after installing self generated cert

Has anybody successfully implemented new cert into the controllers? I did mine and applied it to 802.1x authentication but my users still cannot authenticate. anybody got any ideas on how to do it? :confused:
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: