Monitoring, Management & Location Tracking

Unable to Push the cert from Airwave to Instant devices

Aruba Employee
Problem:

Unable to push captive portal certificate from AMP to VC



Diagnostics:

From Instant version 4.1.0 release IAP supports interface with AMP for captive portal download. While managing the IAP using template we will  run into an issue when we try to push the captive portal certificate from Airwave.

Step 1: From Apache error log  we will see the following error message. We can confirm this by verifying the error log from Airwave CLI /var/log/httpd/error_log,

Popped out of all submodes and still couldn't parse '%server_cert_checksum%' at /usr/local/airwave/lib/perl/Mercury/CSO/DataDrivenTemplateBase.pm line 472.
Popped out of all submodes and still couldn't parse '%ca_cert_checksum%' at /usr/local/airwave/lib/perl/Mercury/CSO/DataDrivenTemplateBase.pm line 472.
Popped out of all submodes and still couldn't parse '%cert_psk%' at /usr/local/airwave/lib/perl/Mercury/CSO/DataDrivenTemplateBase.pm line 472.

 



Solution

The error is looking for the below lines to be added in the template:

%ca_cert_checksum%
%cert_psk%
%captive_portal_cert_checksum%
%captive_portal_logo_checksum%

Once updating the template we can initiate a configuration push from Airwave by saving the template.

In order to verify whether the configuration is successfully pushed  from Airwave. We can enable qlog topic for swarm_debug and after decoding from the commands file we should see the configuration as shown below,

Fri Sep 16 23:04:32 2016 (1474081472.529729)

{

          cmd => [

                   'cert-install

X-Cert-Type: cp_cert

X-Cert-Format: pem_format

In VC CLI we can confirm if the certificate pushed successfully by executing the following command:

#show cert

Version history
Revision #:
2 of 2
Last update:
‎09-22-2016 02:42 AM
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: