How Certificate Chaining/ Binding must be done on AOS Controller?

By esupport posted Apr 23, 2020 09:04 PM

  
Q:

How Certificate Chaining/ Binding must be done on AOS Controller?



A:

A certificate Chaining/ Binding is a process of arranging the certificate in an ordered list which contains the Digital/ SSL Certificate and the Certificate Authority (CA) Certificates who signed the SSL Certificate.

Aruba follows the typical standard of Certificate Chaining hierarchy beginning with the SSL/ Digital certificate followed by  each certificate in the chain signed by the Authority identified by the next certificate in the chain. 

Before uploading a Certificate to Aruba Controller, it is mandatory to Chain/ Bind the certificate with proper hierarchy to avoid the certificate being rejected by the Clients. 


Note:  When the CSR is not generated on the Controller or if the CSR is done on a 3rd party device it is must to append the private key  along with the above certificates in the following hierarchy 

 

-----BEGIN CERTIFICATE-----

Public signed Key/ SSL 

-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----

Intermediate Primary CA (Who signed the SSL)

-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----

Intermediate Secondary CA (Who signed the Primary CA)

-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----

Root CA   (Who signed the Secondary CA)

-----END CERTIFICATE-----

-----BEGIN PRIVATE KEY----

Private Key

-----END PRIVATE KEY-----

 

These certificates can be used for various features in Aruba like Captive Portal, OCSP, WebUI, Dot1x etc...,

0 comments
1 view