Security

Hi,

Do i require to install public https certificate on Aruba switch 3810M to work captive portal for wired guest users. I have already installed public https certificate on clearpass. If we need certificate then can i use same certificate for all the switches. I am having Aruba 3810M, Aruba 2930F, Hp procurve 2626 and HP procurve 2520-8 switch model.

No its not required. Self signed certificate should suffice. I have recently deployed 3810M with CPPM captive portal and I used Public wildcard cert on CPPM & self signed cert on 3810M. All worked well.

Hi

 

We recommand to have CA signed certificate both on clearpass and NAD devices. Yes ,we could use certificate on mulitple devices.

 

Regards,

Pavan

 

If my post addresses your query give kudos:)

Hi Pavan,

Thanks for your response.

If I have already installed public certificate on Clearpass then why do we require public https certificate on Switch.

You do not need a public certificate on the ArubaOS-Switch side....

Hi,

 

I am testing Captive portal on Aruba 2930F running 16.7 for Guest Device Registeration on ClearPass 6.7.9. 

 

The ClearPass server has a valid public HTTPS certifacate.  

 

I enrolled a self-signed-cert on the switch however the URL redirect (https://clearpass.domain/guest) is showing a certificate error on both Chrome and IE with. The errored certificate(from the certificate details on the browser) is the self signed cert on the switch.

 

Is it worth looking into Downloadable User Role with SwitchOS 16.8+ and automatic Ancher Trust Certificate download or will still a valid certificate be required on the Aruba 2930F switch for the captive portal to load fully without a certificate error?

 

Is the self-signed-cert on the switch still supported or a publicly signed HTTPS cert is required?

 

AS