Hey Tim,
@ all
I am still little confused about the whole certificate thing with IAPs and Clearpass. I read that Aruba recommends to just use HTTP in conjunction with Clearpass Guest and IAPs. But still, if I configure my guest access for just only http, I get redirected to the clearpass website for entering my credentials (which is normal) but the clearpass website is https-only. So my guests still get a certificate warning.
This certificate is the HTTPS certificate from clearpass which I am able to change. But a guest gets redirected to the plain IP of my clearpass data-port.
So, should I go ahead and buy a certificate with a CN=dataport IP? If so, I will get certificate warnings when configuring the clearpass from mgmt port. That is acceptable, but not nice....
The alternative would then be to go for a certificate with a SAN (SubjectAlternateName) of my dataport IP? Or am I missing something?
Many thanks for every little hint.
Stefan