Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Clearpass Guest and Wildcard certificates

This thread has been viewed 16 times

  • 1.  Clearpass Guest and Wildcard certificates

    Posted Nov 16, 2016 11:57 PM

    Hi there

     

    I was wondering someone would be able to shed some light or if they've encountered a similar problem and how they got around it. We've recently deployed Clearpass Guest using a wildcard certificate so users do not get a certificate error when they get redirected to the captive portal.

    We've setup self-registration for the guests however after sponsor approval and when the guest logs in they would be redirected to the last web page they attempted to access, during this redirect a certificate error for https://7.7.7.7 will pop up, which is the virtual server IP of the controller. Is there an option somewhere to not do this or a solution to prevent it popping up for the guest users.



  • 2.  RE: Clearpass Guest and Wildcard certificates

    EMPLOYEE
    Posted Nov 16, 2016 11:59 PM
    Is this wildcard cert installed in ClearPass or on the IAP VC?


  • 3.  RE: Clearpass Guest and Wildcard certificates

    Posted Nov 17, 2016 12:01 AM

    Hi Cappalli

     

    The wildcard certificate is installed on the clearpass appliance



  • 4.  RE: Clearpass Guest and Wildcard certificates

    EMPLOYEE
    Posted Nov 17, 2016 12:03 AM
    Do you also have a publicly signed certificate installed on the IAP VC?


  • 5.  RE: Clearpass Guest and Wildcard certificates

    Posted Nov 17, 2016 12:09 AM

    Cappalli

     

    The WLC doesn't have a public signed certificate, i'm guessing that would be the requirement?

     

    Regards

    Michael



  • 6.  RE: Clearpass Guest and Wildcard certificates

    EMPLOYEE
    Posted Nov 17, 2016 12:10 AM
    Yes. Please take a look here:



    https://community.arubanetworks.com/t5/Controller-Based-WLANs/ArubaOS-Defaul
    t-Certificate-Revocation-FAQ-Controllers/ta-p/275809


  • 7.  RE: Clearpass Guest and Wildcard certificates

    EMPLOYEE
    Posted Nov 17, 2016 02:41 AM

    Alas, the link seems to lead to a dead end (page not found)



  • 8.  RE: Clearpass Guest and Wildcard certificates

    EMPLOYEE
    Posted Nov 17, 2016 03:05 AM

    It is just a formatting thing - line break. Please copy and paste the link below into a browser tab or it works by clicking on - if no line break:

     

    https://community.arubanetworks.com/t5/Controller-Based-WLANs/ArubaOS-Default-Certificate-Revocation-FAQ-Controllers/ta-p/275809

     



  • 9.  RE: Clearpass Guest and Wildcard certificates

    EMPLOYEE
    Posted Nov 17, 2016 03:07 AM

    :-) thank you!