Hi all,
Due to the known issues with the securelogin.arubanetworks.com certificate I am trying to install my own certificate on to an IAP (in conjunction with clearpass at the back end).
However I am running in to some issues which I try to resolve as well as trying to understand things I discovered during my investigation.
- To start, I first tested using the default pre installed securelogin.arubanetworks.com cert.
To my surprise, it did no longer throw the revocation error.
Is this something that has been resolved?
But instead of the revocation error I did get a weak cipher error in chrome and firefox, IE9 did not seem to care and just continued.
(and the whole solution worked as designed, only with some annoying cert errors)
At this point I decided that it was still a good idea to continue installing my own cert (no weak cipher stuf, and putting myself in control of the cert stuff)
- So I installed my public signed wildcard certificate (*.mydomain.com), including the private key and root certs. And on clearpass I changed the address to "securelogin.mydomain.com"
When testing it showed me the clearpass guest page, I authenticated successfully. But it throw me a 'domain not found' error afterwards, when redirecting.
- Now I changed it to captiveportal-login.mydomain.com and gone has the "domain not found" error. Why is it that I need to use "captiveportal-login"?
- However, I'm still not there. When the guest portal authentication page pops up, I enter the correct credentials and after submitting I receive the portal authentication page again, with the following error message: "login error. please retry."
Clearpass access tracker shows: "application guest access - web login: accept", but no radius could be observed.
At the moment I'm out of ideas, please advise?