Security

Reply
Occasional Contributor II

Download IAP 105 SSL Cert & Deploy AD Domain Trusted

We are seeing Windows 8 auth via RADIUS just fine to a test SSID, but Windows 8 is complaining about the SSL cert being validated. We tried to turn off validation by Windows, but error perists. Using Chrome and IE I could not find a way to DL the cert. Is there anyway to download the default 'securelogin.arubanetworks.com' ssl cert so I can deploy it across our domain as a trusted root cert via AD GPO?

 

Thanks!

Guru Elite

Re: Download IAP 105 SSL Cert & Deploy AD Domain Trusted

1) Never use the default certificate

2) Always validate the server certificate CN and issuing CA or all of your users credentials are at risk

 

If your environment is a mix of domain joined and other unmanaged devices, acquired a public CA signed certificate for your RADIUS server and configure the domain joined clients' supplicants to trust the CN and issuing CA via GPO.

 

If your environment is only domain joined machines, use your ADCS infrastructure to issue a server certificate for the EAP server certificate for your RADIUS server and configure the domain joined clients' supplicants to trust the CN and issuing CA via GPO.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II

Re: Download IAP 105 SSL Cert & Deploy AD Domain Trusted

Thank you for the clarification; do I need a second public ssl cert for the Aruba virtual controllers at each of my sites, or do I just need a public ssl cert for my RADIUS server?

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: