07-31-2017 08:35 AM
We are seeing Windows 8 auth via RADIUS just fine to a test SSID, but Windows 8 is complaining about the SSL cert being validated. We tried to turn off validation by Windows, but error perists. Using Chrome and IE I could not find a way to DL the cert. Is there anyway to download the default 'securelogin.arubanetworks.com' ssl cert so I can deploy it across our domain as a trusted root cert via AD GPO?
Solved! Go to Solution.
07-31-2017 08:39 AM
1) Never use the default certificate
2) Always validate the server certificate CN and issuing CA or all of your users credentials are at risk
If your environment is a mix of domain joined and other unmanaged devices, acquired a public CA signed certificate for your RADIUS server and configure the domain joined clients' supplicants to trust the CN and issuing CA via GPO.
If your environment is only domain joined machines, use your ADCS infrastructure to issue a server certificate for the EAP server certificate for your RADIUS server and configure the domain joined clients' supplicants to trust the CN and issuing CA via GPO.
Re: Download IAP 105 SSL Cert & Deploy AD Domain Trusted
07-31-2017 09:00 AM
Thank you for the clarification; do I need a second public ssl cert for the Aruba virtual controllers at each of my sites, or do I just need a public ssl cert for my RADIUS server?