Controllerless Networks

My company supports a mid size business that engaged us becuause of issues with their Guest Wifi and possibly their default aruba OS SSL certificate expired.  In doing research here most documetation pointed to upgrading the OS on the AP's which would install a new SSL certificaton for captive portal authentication.    I upgraded the AP CLuster and for PC clients things look to be normal.  However for MAC users (Safari Browser) when they connect to the Guest Wifi and open their Safari 

Browser thjey are not redirected to the splash page.  From the browser if you type in "https:something... it will redirect them to the captive portal.  Question something has changed on the Macs obviously.    Any thoguhts on what we need to do to make the Mac's work with the new Certificate? 

Take a look at this:

https://community.arubanetworks.com/t5/Controller-less-WLANs/ArubaOS-Default-Certificate-Revocation-FAQ-Instant/ta-p/275814

Thanks Tim, yea reveiwed that.   The MAc's were working with the Default SSL before,  but now I am afraid every Mac user who uses this Guest Wifi after the OS upgrade is not going to get redirected to the captive Portal..   There is alot of info on Mac's and the captive portal but honestly I am not sure exaclty what do do.   Do the company need to purchase thier own Certificate for a CA?  Is it a cache thing on the the client?  Do I need to import the default cert into the Mac's?  I am not a Mac user and have limited knowledge on GUI huh... 

Is your cert publicly signed?

Thank you, the customer has not purchased a publically assigned certicate.  They have been using the default SSL certificate that comes with the IAP.   Based on my research it appeard that Certificate has experired so that is why I updated the OS on the AP's. .   Aruba documentation said that upgrading the OS would renew the SSL Certicate but that they recommmend replacing this with a custom certificate issued by a CA.  However my expectation after the upgrade woud be that the default SSL would still work- at it does with most devices.. just the MAC's seem to be having issues after the renewal.   :)

A private or self-signed certificate is going to throw certificate errors.
You should acquire a publicly-signed certificate for use with guest captive
portal.

Hi,
Have look here, I believe it will help.
https://community.arubanetworks.com/t5/Aruba-Instant-Cloud-Wi-Fi/How-can-i-upload-a-new-portal-certificate-in-Aruba-Central/td-p/277886