How Certificate Chaining/ Binding must be done on AOS Controller?

MVP
MVP
Q:

How Certificate Chaining/ Binding must be done on AOS Controller?



A:

A certificate Chaining/ Binding is a process of arranging the certificate in an ordered list which contains the Digital/ SSL Certificate and the Certificate Authority (CA) Certificates who signed the SSL Certificate.

Aruba follows the typical standard of Certificate Chaining hierarchy beginning with the SSL/ Digital certificate followed by  each certificate in the chain signed by the Authority identified by the next certificate in the chain. 

Before uploading a Certificate to Aruba Controller, it is mandatory to Chain/ Bind the certificate with proper hierarchy to avoid the certificate being rejected by the Clients. 


Note:  When the CSR is not generated on the Controller or if the CSR is done on a 3rd party device it is must to append the private key  along with the above certificates in the following hierarchy 

 

-----BEGIN CERTIFICATE-----

Public signed Key/ SSL 

-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----

Intermediate Primary CA (Who signed the SSL)

-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----

Intermediate Secondary CA (Who signed the Primary CA)

-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----

Root CA   (Who signed the Secondary CA)

-----END CERTIFICATE-----

-----BEGIN PRIVATE KEY----

Private Key

-----END PRIVATE KEY-----

 

These certificates can be used for various features in Aruba like Captive Portal, OCSP, WebUI, Dot1x etc...,

Version history
Revision #:
2 of 2
Last update:
‎04-23-2020 06:04 PM
Updated by:
 
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: