Hi community,
I have a query regarding HTTPS certificates.
We have a Clearpass cluster that we use to provide Guest internet access. As such one of the interfaces on the Clearpass server is internet facing, with an associated web-login page that guests are redirected to through a captive-portal of the Aruba controller. We also have a public CA signed certificate for this web-login page, all works well and good. We also have an inside interface on the Clearpass appliance that internal users access to create guest accounts.
My query is this, can I use a separate internally signed certificate for the guest creation page accessible via the internal interface, or is only a single HTTPS certificate supported for the appliance. Currently we receive a certificate error for the internal URL as the URL is not referenced as a SAN in the certificate (used for web-login page). I also don't believe our public CA would issue a certificate if the SAN attribute for the internal page was included in the CSR as it would not be DNS resolvable. I couldn't see an obvious way to associate a certificate with the guest creation page that is different from the one used for external access?
Thanks in advance.