Campus Switching and Routing

Reply
Highlighted
Occasional Contributor I

MAS Certificate replacement

Hello

I have a few MAS switches and I am attempting to replace the default certificate following this guide:

 

http://www.arubanetworks.com/techdocs/ArubaOS_7_Web_Help/Default.htm#mas_guides/management_access/Managing_Certificates.htm#management_utilities_163792609_1117657

https://community.arubanetworks.com/t5/Wired-Networks/ArubaOS-Default-Certificate-Revocation-FAQ-Mobility-Access/ta-p/275815

 

I have generated the csr, signed it with my internal ca. The doecument doesnt state how to load it into the switch, i am just assuming tftp as I cannot access the webui for some reason which I will troubleshoot after I upgrade it soon.

 

I receive the following error when i try to import the signed csr using the following command:

 

(edge-sw-01) #crypto pki-import pem ServerCert edgesw01 edgesw01.cer
Error in importing file

 

 

It is definitley in the flash file system:

#dir

-rw-r--r-- 1 root root 1964 Jul 28 01:58 edgesw01.cer

 

I have tried as a windows txt and a unix txt (crlf vs lf), same issue.

 

it seems i can change the names to anything and the same error appears:

 

#crypto pki-import pem ServerCert asd asd
Error in importing file

 

I have converted the pem to a der and it still doesnt work:

(edge-sw-01) #crypto pki-import der ServerCert edgesw01 edgesw01.cer
Error in cert format

 

Any ideas?

 

 

 

---------------------------
ACCP, ACMA, ACMP, ACDX
Occasional Contributor I

Re: MAS Certificate replacement

Updating the code and rebooting seems to have fixed the WebUI which has allowed me to upload a cert via the WebUI.

---------------------------
ACCP, ACMA, ACMP, ACDX
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: