09-12-2016 03:19 PM
With the recently emailed advisory regarding securelogin.arubanetworks.com, if the IAP Guest WLAN is only configured for INTERNAL – ACKNOWLEDGED, do I need to be concerned about this/will the revoked certificate cause an issue for guests using this configuration?
Solved! Go to Solution.
09-12-2016 04:10 PM
09-13-2016 10:01 AM
Thanks for the prompt reply Colin. If this is indeed the case, what’s the best way to resolve this as I see no reason to have an SSL certificate if I’m not securing anything.
09-13-2016 10:30 AM
If you haved a captive portal, then you are securing the connection between the client web browser are the portal. This needs to be encrypted, you can use a self-signed certificate but this may still cause tehe browser to throw up an error as it would be untrusted by the browser.
09-14-2016 02:03 PM
I see—shame considering SSL is really not required here. Does my certificate need to be for securelogin.example.com or will any host work? If the former, is there a way to change this? There is little documentation here, at least as it specifically relates to IAP, and this covers http://community.arubanetworks.com/t5/Wireless-Access/Certificate-quot-securelogin-arubanetworks-com-quot/td-p/239148 as well. Also, do I need to reboot everything or will this Just Work once the new certificate is uploaded? Thank you.
09-14-2016 02:06 PM
09-14-2016 02:19 PM
Thanks for the prompt reply Tim. While this covers why a certificate is needed, it doesn’t mention Subject Names or if a reboot is required for the change to be effective. I imagine Aruba has a major head ache on their hands for anyone that uses the built-in captive portal for Guest WLANs.
09-14-2016 02:21 PM
10-03-2016 01:55 AM
I assume that an A recond in DNS should be created for "network-login.domain.xyz", am I right? To which ip address it should be pointing?
Is it possible to use wildcard cert?
10-03-2016 01:56 AM