09-16-2016 12:50 PM
Let me start by saying I dont know much about certificates and the only time I have worked with them in the past is when I have someone who knows what they are doing working with me. That said, I am having issues uploading my public signed certificate. My goal was to replace the certificates used for captive portal and for the web interface since I cannot currently use captive portal or manage my cluster with IE since the aruba certificate was revoked.
I purchased a SSL certificate from networksolutions.com and used csrgenerator.com to create my CSR since it seems to be that instant clusters cannot do this. See screen shot below showing the certificates that were sent to me after validation. I am assuming the one called instant.vijon.com is the one I want to install on my clusters. I first chose to upload this .crt file with the CA type. The upload finished and it is showing as the current CA certificate. I am guessing this is the one I need to manage my cluster with IT but it doesnt seem to be using this certificate yet since my browser will still not let me past the warning page.
I then tried to upload the certificate as Captive Portal Server type but the upload sat at the screen (on the below screenshot) for 10 minutes and then took me back to the logon screen. When I logged in it did not show me the new certificate and still showed the default one.
I tried the same steps for the Auth Server type and the results were the same as with Captive Portal.
I am sure that my lack of knowledge is to blame here so any help would be greatly appreciated.
09-16-2016 12:54 PM
Take a look at the FAQ >> https://community.arubanetworks.com/t5/Controller-less-WLANs/ArubaOS-Default-Certificate-Revocation-FAQ-Instant/ta-p/275814
09-16-2016 12:58 PM
09-16-2016 01:10 PM
I applied these commands to my windoes machine and I am currently uploading the .pem file to my cluster. I will let you know if it fails. Thanks for the help.
type AddTrustExternalCARoot > internal.vijon.com.pem
type DV_NetworkSolutionsDVServerCA2.crt >> internal.vijon.com.pem
type DV_USERTrustRSACertificationAuthority.crt >> internal.vijon.com.pem
type instant.vijon.com.crt >> internal.vijon.com.pem