Wireless Access

last person joined: 12 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Guide to replace the Revoked Aruba Certificate via CLI

This thread has been viewed 9 times

  • 1.  Guide to replace the Revoked Aruba Certificate via CLI

    Posted Jun 15, 2017 05:29 PM

    The instructions for replacing the revoked certificate include using the web config, which is locked by the revoked certificate.

     

    I have access to the CLI through SSH. show web-server indicates its using the 'default' certificate. Can I disable this so http access will work? how do I upload a self signed cert via the ssh console?



  • 2.  RE: Guide to replace the Revoked Aruba Certificate via CLI

    EMPLOYEE
    Posted Jun 15, 2017 11:24 PM

    To be clear, is this a controller-based system, and instant system or a MAS (mobility access switch) system?

     

    Here are the instructions for the controller: - https://community.arubanetworks.com/t5/Controller-Based-WLANs/ArubaOS-Default-Certificate-Revocation-FAQ-Controllers/ta-p/275809



  • 3.  RE: Guide to replace the Revoked Aruba Certificate via CLI

    EMPLOYEE
    Posted Jun 16, 2017 03:25 AM

    The instructions that Colin sent include how to upload the new certificate via the CLI, so you don't require to use the web interface.

     

    If you prefer to use the web interface, and you are a Google Chrome users, there is a trick to bypass the security warning in this case. To do so, on the screen that shows the certificate warning (and no option to bypass) you type: 'badidea' (including the '-quote signs) and you will bypass the warning page. As far as I know, this only works with Chrome; but it prevents you from reverting back the WebUI to HTTP (which I even don't know if it is possible; it is a bad idea though).



  • 4.  RE: Guide to replace the Revoked Aruba Certificate via CLI

    MVP
    Posted Jun 19, 2017 11:05 AM

    Correction Herman:

    To do so, on the screen that shows the certificate warning (and no option to bypass) you type: 'badidea' (including  excluding the '-quote signs) and you will bypass the warning page.

     

    Don't type it into the address field by the way. Just 'invisibly' type it while the page is open.

    @Herman Robers wrote:

    The instructions that Colin sent include how to upload the new certificate via the CLI, so you don't require to use the web interface.

     

    If you prefer to use the web interface, and you are a Google Chrome users, there is a trick to bypass the security warning in this case. To do so, on the screen that shows the certificate warning (and no option to bypass) you type: 'badidea' (including the '-quote signs) and you will bypass the warning page. As far as I know, this only works with Chrome; but it prevents you from reverting back the WebUI to HTTP (which I even don't know if it is possible; it is a bad idea though).

     



  • 5.  RE: Guide to replace the Revoked Aruba Certificate via CLI

    Posted Jun 25, 2017 11:37 PM

    We can use Firefox as it allows to bypass the warning easily without making any changes to browser settings.