Security

Reply

CPPM guest cert error on controller redirect

I am using CPPM guest with a wildcard cert to deliver captive portal. that works no issues there. loads properly.

after putting in the credentials on the portal and clicking on continue, it performs a redirect to the controller which is using a different cert.

for whatever reason my customers windows 10 machines get an error saying cert is invalid.

now, this works with a MacBook, IPad, Android and in my lab using the same certs, my windows 10 laptop has no issues.

cp guest has the full chain of both certs. wildcard was uploaded for https and radius cert is a specific url. that same radius cert is used on the controller for captive portal and the web login page redirects to that cert. cp guest auth is set to https.

I'm scratching my head here..it seems like the customers win 10 laptops don't trust the Comodo cert for whatever reason but checking certmgr shows he has the same ones as my win 10 machine that works....

any ideas what could be wrong??

#AirheadsMobile

Pasquale Monardo | Senior Network Solutions Consultant
ACDX #420 | ACMP
[If you found my post helpful, please give kudos!]
Guru Elite

Re: CPPM guest cert error on controller redirect

Did you include both intermediates in the chain when you uploaded it?

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Guru Elite

Re: CPPM guest cert error on controller redirect

Did you include both intermediates in the chain when you uploaded it?

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480

Re: CPPM guest cert error on controller redirect

As far as I remember, yes i did.
EDIT: The same cert is used on my lab controller with no issues, we also have this cert on some IAPs with no issues.

 

Pasquale Monardo | Senior Network Solutions Consultant
ACDX #420 | ACMP
[If you found my post helpful, please give kudos!]

Re: CPPM guest cert error on controller redirect

Tim,
My apologies to you. you were correct.
After re-validating the cert filenames from both the production and my lab environment. I had 2 different certs.

On prod, I only had the server cert + priv key.

Changed it, all is good.

Pasquale Monardo | Senior Network Solutions Consultant
ACDX #420 | ACMP
[If you found my post helpful, please give kudos!]
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: