Sorry if this question has already been asked by someone else ;
I am facing a weird issue in my lab and had the same in one of my customers deployment :
> Got a cluster of 3 cppm servers> Got EAP autosigned certificates (by default, didn't touch them)> Got a public signed wildcard for https(rsa) certificate> Got the root + intermediate public ca enabled and with role "other" in the trust list> The dns resolution is working fine (for gui access and for captive portal)But, when i'm trying to access the GUI of the servers (any of the 3 of them) of when i try to connect to my guest SSID, it seems that the server responds back with it's EAP autosigned certificate .... never presents me https(rsa) oneI tried to patch to version 6.11.6.x, same issueI tried to clear the https certificate in CLI (command "system reset-server-certificate") and then re-import it : same issue
Anyone has a clue of why i get this behavior ?Thanks for help !
Edit : > Just changed my EAP certificates with ones delivered by my own Enterprise PKI : same issue ; it still presents me an autosigned certificate when trying to access GUIThe autosign presented : The https certificate : The EAP certificate : The Root/Intermediate Public ca in the trust List : Dunno what to do more ?
Did you check the certificate that is presented with the Guest portal, is it not the HTTPS - ECC certificate.
If yes just disable it on all CPPM servers.
Thank you guys, it totally worked .... Just to know : did i miss something ? is it written somewhere on a guide that we have to disable this ECC certificate ?
In 6.11 you have https-ECC certificate select by default, so i think the auto signed certificate you see is the ECC one.
You have to disable it if you want CPPM to use RSA instead
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.