Question: How do I delete the revoked web server certificate so that I can access the web interface of the controller?
Product and Software: This article applies to all Aruba controllers and ArubaOS versions.
If the server certificate is revoked or expired, the web interface of the controller is not accessible. To access the web interface, you must either:
- Remove the revoked server certificate from the controller.
- Change the web server certificate back to the default using the CLI.
Remove the Revoked Server Certificate
If the certificate is referenced, it must be cleared and then removed. To remove the certificate from the controller, enter this command:
(aruba) (config) #no crypto-local pki serverCert < name of the certificate >.
Change the Web Server Certificate Back to the Default
To change the web server certificate back to default through CLI, issue these commands:
(Aruba)(config)#web-server no switch-cert
(Aruba)(config)#web-server switch-cert default
To view the certificate that is currently mapped to the web server, enter the 'show web-server' command:
(Aruba) #show web-server
Web Server Configuration
------------------------
Parameter Value
--------- -----
Cipher Suite Strength high
SSL/TLS Protocol Config sslv3 tlsv1
Switch Certificate default
Captive Portal Certificate default
Management user's WebUI access method username/password
User session timeout <30-3600> (seconds) 900
Maximum supported concurrent clients <25-400> 25