Security

Reply
Highlighted
New Contributor

Controller Captive Portal Certificate

I am running ArubaOS 8 with ClearPass Guest. I have a publicly issued certificate uploaded as my captive portal certificate on my controller(s). However, it has 3 alternate SAN's, one of which I would like to use for captive portal. However, show datapath fqdn only shows the primary common name of the certificate.

 

The bigger issue is that the controller intercepts all DNS requests for the common-name regardless of user role. If the user is an authenticated role via 802.1X (instead of guest) and they navigate to the FQDN, the controller always hijacks the request. This is a problem becuase the common-name of the certificate is being utilized elsewhere for other server access.

 

Is there a way around this behavior?

Guru Elite

Re: Controller Captive Portal Certificate

Use a different certificate is the only way.  The fqdn is necessary for the submit in the ClearPass HTML, so it really shouldn't be used anywhere else.  You should only have one SAN, because that is all it will utilize.

 

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: