Wireless Access

Hello
I have a controller associated to a clearpass for the authentication of the guests through a self registration, when the guest connects to this network the portal is shown with the address https://securelogin.arubanetworks.com, which shows error of certificate, a certificate was generated for the clearpass issued by a trusted certifying entity but the same problem arises, how can I solve the problem?

You cannot use the default captive portal certificate. You need to acquire a public CA-signed certificate for the controller for captive portal.

the captive portal is housed in the clearpass, due to that a certificate was acquired for the clearpass, also it is necessary to acquire a new one for the controller ??

the new certificate in the clearpass was issued for clearpass.casuarinas.edu.pe, with what name should the new certificate be created for the controller ??

Yes, you need one for the controller as well. It can be a generic common name like “login.yourdomain.com”.

As part of the authentication flow with ClearPass as an external captive portal, the user credentials are sent as an HTTPS port to the controller or Instant AP, which is the reason to have a valid certificate there as well.

 

I created a video that goes through an external ClearPass captive portal with all the steps involved. It will show you it from captures as well. 

 

Short story: you will need a public trusted certificate for controller/instant as well as for your ClearPass servers. Under circumstances, you can use the same certificate on both places if you have multi-SAN or wildcard certificates.