How Certificate Chaining/ Binding must be done on AOS Controller?
A certificate Chaining/ Binding is a process of arranging the certificate in an ordered list which contains the Digital/ SSL Certificate and the Certificate Authority (CA) Certificates who signed the SSL Certificate.
Aruba follows the typical standard of Certificate Chaining hierarchy beginning with the SSL/ Digital certificate followed by each certificate in the chain signed by the Authority identified by the next certificate in the chain.
Before uploading a Certificate to Aruba Controller, it is mandatory to Chain/ Bind the certificate with proper hierarchy to avoid the certificate being rejected by the Clients.
Note: When the CSR is not generated on the Controller or if the CSR is done on a 3rd party device it is must to append the private key along with the above certificates in the following hierarchy
Public signed Key/ SSL
Intermediate Primary CA (Who signed the SSL)
Intermediate Secondary CA (Who signed the Primary CA)
Root CA (Who signed the Secondary CA)
-----BEGIN PRIVATE KEY----
-----END PRIVATE KEY-----
These certificates can be used for various features in Aruba like Captive Portal, OCSP, WebUI, Dot1x etc...,