Question: Can we upload a wildcard certificate on the Aruba IAP for dot1x authentication?
Product and Software: This article applies to all Aruba Instant platforms and versions.
What is a wildcard certificate?
A wildcard certificate allows you to secure multiple web sites with a single SSL certificate. For example, if you want to secure http://www.abc.com/, secure.abc.com, and support.abc.com, you can use a wildcard certificate to secure all three subdomains under *.abc.com.
Wildcard certificates secure your subdomains with SSL.
For example, if you hosted http://www.abc.com/ (common-name used would be *.abc.com), an SSL wildcard certificate would allow you to secure unlimited first-level subdomains like these:
http://www.abc.com/
admin.abc.com
sales.abc.com
you-name-it.abc.com
Wildcard certificates do have limits, and this is true for all Certificate Authorities. Wildcard certificates support only one level up in the fully qualified domain name.
For example, if you create a certificate for the common name of *.test.abc.com, https://www.test.abc.com/ will work, but https://www.shop.test.abc.com/ will not work.
Yes, you can upload the wildcard certificate for IAP for dot1x authentication from Aruba Instant 6.1.3.1.
This example shows a 2048-bit wildcard certificate.
You can see that the wildcard certificate was successfully uploaded to the IAP. We have also tested this certificate by creating a dot1x SSID and connecting a client to this SSID and it works.