12-01-2016 04:49 PM
It took me a little bit, but I finally ran into the cert revokation issue. Here's where I'm at...
I cretaed my RSA key, and purchased a cert from Comodo. Blah, blah, received my public cert. I imported into trusted and intermediate. I then exported the public cert, the private key, and the intermediate cert. Then I copied those to my Mac, opened terminal, and ran the three cat commands (per this thread: https://community.arubanetworks.com/t5/Controller-less-WLANs/ArubaOS-Default-Certificate-Revocation-FAQ-Instant/ta-p/275814) without error to combine them into a pem cert. But when I try to upload to my T105 (220.127.116.11-x; won't go any higher), i get the error:
cert_upload_split_certificate_file_failed_head (see attached screen).
I suppose it could be a corrupted cert I received, but I got no errors on my CA when importing. Can anyone help me out here?
12-02-2016 01:42 PM
I resolved it by exporting a pfx certificate from our IIS server and then importing the pfx choosing the pcks option on the drop down menu.
Keep in mind that there is a custom build firmware that bypass the revoked certificate without the need of a public one, give that a try before importing your certificate. If you import and assign your certificate then the workaround doesn't work anymore. Custom build firmware is 18.104.22.168-22.214.171.124_56794.
Also have a look at
12-02-2016 02:23 PM
Just about 30 minutes ago, I was able to successfully configure and upload a good pem file. UNFORTUNATELY...
Now, while I can ping my APs, I have no access to the GUI
(This site can’t be reached. The connection was reset.) But users seem to have connectivity, so, that's good.
Well, I'm off for the weekend. I'll pick this up on Monday. Y'all have a good one.
12-07-2016 06:26 PM
Man, I'm dead. Not sure how to upload a cert for captive if I can't log in. Plus, I need to get my hands on a 14 ft. ladder to get to them.
Maybe not. What browser are you using?
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base
12-08-2016 10:00 AM
Yeah, I thought of that. I've tried Chrome, IE, Safari and Firefox. Just cannot get in. It wants to let me in; I've added the exception to Firefox, but then I get "Secure connection Failed." I've changed the cert in Safari to "Always Trust", and the page comes up blank.
At the end of the day, the users are not affected, I just can't manage my APs. So, not critical. YET. And, I can bounce them by power cycling the POE injectors in the server room, if I have to.
Thanks for the idea, though.