Controller Captive Portal Certificate
06-16-2019 02:45 PM - edited 06-16-2019 08:14 PM
I am running ArubaOS 8 with ClearPass Guest. I have a publicly issued certificate uploaded as my captive portal certificate on my controller(s). However, it has 3 alternate SAN's, one of which I would like to use for captive portal. However, show datapath fqdn only shows the primary common name of the certificate.
The bigger issue is that the controller intercepts all DNS requests for the common-name regardless of user role. If the user is an authenticated role via 802.1X (instead of guest) and they navigate to the FQDN, the controller always hijacks the request. This is a problem becuase the common-name of the certificate is being utilized elsewhere for other server access.
Is there a way around this behavior?
Re: Controller Captive Portal Certificate
06-16-2019 07:09 PM
Use a different certificate is the only way. The fqdn is necessary for the submit in the ClearPass HTML, so it really shouldn't be used anywhere else. You should only have one SAN, because that is all it will utilize.
*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Learning Videos
Aruba Central Documentation
ArubaOS Consolidated Release Notes
Aruba VIA ASE Solution - Configure VIA VPN