Hi,
i need to configure two different controller certificates for different SSIDs.
In order to achieve this i configured two 802.1X profiles with termination on the controller (unfortunately one of the RADIUS server is not under our control, so we need to do it this way). It seems obvious to configure both certificates in the advanced configuration tab with "server-certificate" (or via CLI) in the 802.1X profile.
Doing so leads to very unexpected behaviour since the controller prompts the wireless clients for client certificates. But in this same profile PEAP/MSCHAPv2 is configured. When configuring no server certificate we see the built-in securelogin.arubanetworks certificate. Changing the CA certifcates in the same 802.1X profile has no effect whatsoever.
So, simple question: how can i have two controller certs displayed to the clients depending on the SSID?
Best regards,
Andreas