Controllerless Networks

Reply
Occasional Contributor II
Posts: 18
Registered: ‎09-05-2014

x509 server cert on the virtual controller not working

Hi

 

I have OS version  6.3.1.8-4.0.0.7_44641 and a couple of IAP 225.

 

I have added my own CA cert on the Maintenance -> Cettificates tab. It was added ok and can bee seen.

 

After that I created a server cert which has CN set to the fqdn dns name I connect to (the virtual IAP contoller). For that cert I have tried to both use a non encrypted RSA key as well as an encrypted one. I have concatenanted the key and certfile into one and uploaded it on the certificates tab (plus the key pass phrase). That certificate can also bee seen OK in parallell to the CA certificate that has signed it.

 

The server cert has these settings:

     X509v3 Extended Key Usage:

                TLS Web Server Authentication

            X509v3 Key Usage:

                Digital Signature, Key Encipherment

X509v3 Basic Constraints:

                CA:FALSE

            Netscape Cert Type:

                SSL Server

 

But I cannot track down if the IAP actually cares about the certificate profile at all or if it fails somhere else. Or maybe I am stupid and doing something very wrong.

 

 

After that I have also rebooted the IAPs. But still. The IAP presents a factory default certificate for  "instant.arubanetworks.com" when connectin to my virtual controller dns name instead of my own certificate.

 

what is happening here? Some help very much appreciated here....

 

 

PS

A follow up question.. How is a certificate removed? Cannot see it is possible in the IAP gui or if logged in through SSH.

 

 

Thanks in adance

 

/Per-Olov

Sweden

Search Airheads
Showing results for 
Search instead for 
Did you mean: