Monitoring, Management & Location Tracking

 View Only
last person joined: one year ago 

Articles relating to existing and legacy HPE Aruba Networking products and solutions including AirWave, Meridian Apps, ALE, Central / HPE Aruba Networking Central, and UXI / HPE Aruba Networking User Experience Insight
Back to Library

How to install a SSL certifcate in AirWave 8.2.4+ 

Oct 25, 2017 02:44 AM

Requirement:

AMP : 8.2.4

SSL certificate with PKCS12 format with extension ".pfx" or ".p12"

The certificate should contain intermediate/signing CA cert, server cert and the private key.

We need the password used during the time of certificate conversion.

Note: We can use OpenSSL Commands to Convert SSL Certificates to above supported formats, please refer the following link for the Openssl commands,

https://www.sslshopper.com/ssl-converter.html



Solution:

Installing a valid SSL (Secure Sockets Layer) certificate on AMP 8.2.4.



Configuration:

Step 1: We need to make sure that the file format should be in PKCS12 with extension ".pfx" or ".p12". The file should contain both the private key and the certificate.

Step 2: Login into AMP CLI using ampadmin or similar credential. Choose option "1" from the menu to upload the certificate file.

Step 3: The file can be only uploaded to AirWave using a SCP Source.

For example : I have the certificate file stored in the FTP server (10.10.10.2) in /tmp/ directory. We need to execute the following command to download file from the FTP server to AMP.

SCP Source (user@host:path): root@10.10.10.2:/tmp/certificate.p12
Password:
Uploading root@10.17.164.201:/tmp/certificate.p12
certificate.p12                               100%  

Step 4: Once the file is uploaded successfully we can verify it in AMP by choosing option 2 "Download file" from the main menu.

Step 5: Now we need to select the option 9 (Security). In the Security menu we need to select 4 to ADD the SSL certificate.

Step 6: We select " ADD the SSL certificate" we will get a menu to choose the certificate as shown below:

Choose the certificate file.
(The file must be in PKCS12 format with ".pfx" or ".p12" filename extension and should contain both the private key and the certificate.)
  1  final_airwaveserver.p12                      0 bytes  2017-06-07 23:17:44
  2  certificate.p12           2,756 bytes  2017-06-07 09:15:38
  c  >> Cancel
Your choice:2

Step 7: Once after choosing the right file we will be prompted to enter the PKCS12 password as shown below. After we enter the correct password the certificate bundle will be extracted, we will get a prompt to restart the Web UI to install the certificate.

Choose the certificate file.
(The file must be in PKCS12 format with ".pfx" or ".p12" filename extension and should contain both the private key and the certificate.)
  1  certificate.pfx                       0 bytes  2017-06-07 23:17:44
  2  certificate.p12           2,756 bytes  2017-06-07 09:15:38
  c  >> Cancel
Your choice: 2
Enter PKCS12 password:
PKCS12 bundle extracted successfully.

Proceeding will restart the Web UI and access to it will be interrupted for a few minutes.
Are you sure? (y/n): y

SSL certificate copied into place.
Restarting web services...



Verification

We can verify the certificate installation using any browser chrome, IE, firefox etc by navigating to AirWave hostname and it should not show certificate warning.  Provided root certificate is available in the system or browser store.

Statistics
0 Favorited
83 Views
0 Files
0 Shares
0 Downloads

Related Entries and Links

No Related Resource entered.