Original Message:
Sent: Apr 05, 2023 02:56 AM
From: Herman Robers
Subject: HTTPS Wild Card Cert
That depends a bit on the CA, but many of them will ignore what is in the CSR and allow you to override with the name you are ordering a certificate for.
I would recommend creating the keys and CSR with another tool, like OpenSSL or the tool your Public CA offers, as if the CSR matches what you order, chances are even better that everything goes smoothly. Import the externally generated key + signed cert in that case into ClearPass.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
Original Message:
Sent: Apr 04, 2023 03:06 PM
From: ayassine
Subject: HTTPS Wild Card Cert
Hello Herman,
I do appreciate your reply!
let us say i generate a csr from clearpass where The CN would be cppm.yourdomain-or-subdomain.tld Then the Public CA can replace it to *.yourdomain-or-subdomain.tld?
Thanks,
Ali Yassine
Original Message:
Sent: Apr 04, 2023 10:36 AM
From: Herman Robers
Subject: HTTPS Wild Card Cert
You can get the CSR from anywhere, or even have it generated by your public CA which many have tools for generating keys and CSRs. No need to request if from ClearPass.
For a wildcard, the CN would be *.yourdomain-or-subdomain.tld and the first SAN would be DNS:*.yourdomain-or-subdomain.tld; but many public CAs will replace whatever you put in your CSR to what you order with them.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
Original Message:
Sent: Apr 03, 2023 04:04 PM
From: ayassine
Subject: HTTPS Wild Card Cert
Hello,
ClearPass doesn't support generating CSR with wild card. How do we generate a CSR from ClearPass in-order to get a wild card cert from public CA? How is the CN should look like?
Thanks,
Ali Yassine