Wireless Access

Reply
New Contributor

Aruba 501 and SHA-256 certificates

Good morning,

 

We have been trying to associate our Aruba 501 with an SSID using WPA2-Enterprise and EAP-TLS. As such, we have a four-level SHA-256 certificate that we are attempting to use, but the Aruba is failing to associate and remains in a constant "Scanning" status. Another thing I find odd is that after manually setting the correct time, it reverts back to January 2013 upon reboot.

 

When checking the log, it "associates" with the WAP for 2-3 seconds but then becomes disconnected due to disassociation. I did a showtech dump and found another strange thing. Despite the web interface saying the uploaded cert is present and provides a valid expiration date, according to the dump the cert isn't there.

 

cert-present           no

cert-exp-date         Not Present

 

We are using the latest software version available (V2.0.0.1-Aruba501-B0013)

Has anybody else experienced this and if so, is there a workaround? I have tested this certificate on two other wireless bridging devices and both worked just fine. I have included a snippet from the log.

 

Thanks in advance,

 

Nick

Highlighted

Re: Aruba 501 and SHA-256 certificates

Talked with PLM on this and he said you're already working with engineering and PLM on resolution. Of note, the most common things with certs on the 501, for posterity on this thread (not all below are applicable to Nick's issue necessarily):

 

* They need to be PEM

* Make sure your certs are chained correctly if using an intermediate

* Use the latest firmware always

 

 

Jerrod Howard
Sr. Technical Marketing Engineer
New Contributor

Re: Aruba 501 and SHA-256 certificates

Correct, I am working with them but wanted to see if the community had any workarounds or similar issues.

 

So, after converting the .PFX file to a .PEM, the 501 was able to associate with our SSID! Strange though, the documentation says that the .PFX extension is supported.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: