Community Expert Day 1/17/14

Reply
New Contributor
Posts: 4
Registered: ‎10-17-2013

Is it OK to Implement wildcard public certs for large CPPM clusters?

[ Edited ]

We are currnetly building out 100 + size CPPM cluster to support over a million mobile devices. generating 100 + public certs would not be a very good option.

 

After looking into wildcard certs would it be possible to use these without affect the end user.

 

Thanks,

 

-Robert

Aruba Employee
Posts: 11
Registered: ‎12-31-2010

Re: Is it OK to Implement wildcard public certs for large CPPM clusters?

Hi Robert,

 

Yes, we can use wildcard certificates for SSL or captive portal when using CPPM.  A couple of relevant knowledge base articles, one for CPPM and one of Amigopod might be helpful for reference:

 

https://arubanetworkskb.secure.force.com/pkb/articles/FAQ/How-to-configure-ClearPass-Guest-Amigopod-web-login-when-using-an-Aruba-controller-with-a-wildcard-SSL-certificate

 

https://arubanetworkskb.secure.force.com/pkb/articles/FAQ/Wildcard-certificates-for-Amigopod

 

Let us know if that answers your query.

 

Regards,

Riyaz

 

[Please hit Kudos if the reply helps]

Super Contributor II
Posts: 429
Registered: ‎01-19-2011

Re: Is it OK to Implement wildcard public certs for large CPPM clusters?

Does anyone know of a good resource for learning about certificates and their deployment. I am increasingly finding that I'm having to advise customers on certificates - purchasing, generating requests and installing and I feel a bit out of my depth.

Aruba Employee
Posts: 11
Registered: ‎12-31-2010

Re: Is it OK to Implement wildcard public certs for large CPPM clusters?

If you need to know everything about digital certificates, that might need a textbook reading.  To learn about Certificate generation for IAPs or try it yourself, our knowledge base article might help: https://arubanetworkskb.secure.force.com/pkb/articles/HowTo/R-1481

 

Other Aruba related resources for Certificate generation resources, some of which are helpful for Certificate generation in general (like the top two about Open SSL below):
https://arubanetworkskb.secure.force.com/pkb/articles/HowTo/R-804
https://arubanetworkskb.secure.force.com/pkb/articles/HowTo/R-1394
https://arubanetworkskb.secure.force.com/pkb/articles/HowTo/R-772
http://community.arubanetworks.com/t5/AirWave-and-Network-Management/How-to-install-certificate/td-p/7076
http://community.arubanetworks.com/t5/Command-of-the-Day/COTD-crypto-pki-csr-key-Generate-a-Certificate-Signing-Request/td-p/1495

 

Hope this helps.

 

Regards,

Riyaz

 

[Hit Kudos if you find the info useful]

Super Contributor II
Posts: 429
Registered: ‎01-19-2011

Re: Is it OK to Implement wildcard public certs for large CPPM clusters?

Quite happy to spend money on a book if anyone can recommend something that starts at the beginning. Most articles etc start with something like"How do I generate an OpenSSL self-signed certificate in pem format with a single command" - this sort of thing assumes you have already made an intelligent decision about which filetype you want to generate and what the implications are.

Search Airheads
Showing results for 
Search instead for 
Did you mean: