@jcameron wrote:
I have 3 controllers (1 Master and 2 Locals). Do I need to have a different certificate for each controller for Captive Portal or do I need just one?
You have a choice:
1. One Certificate for each Controller, each with its own Subject as its FQDN or
2. A Single Certificate, that can be installed on all of your controllers, but FQDNs for your controllers entered in the SAN or Subject Alternate Name field on the CSR form at your Certificate Authority: http://en.wikipedia.org/wiki/SubjectAltName
Please know that
- the CSR form for the controller does not have a Subject Alternate name field, so you cannot generate it there for option (2). You would need to generate the CSR using the Certificate Authority's form...
- If you Generate a CSR from a controller, it will stay in there, so you cannot generate another unless you import a corresponding certificate
- Certificate Authorities charge more for additional subject alternate names, but not as much as an entire certificate, but shop around.