Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

replace default cert on securelogin with a new one, with multiple common names does not work

This thread has been viewed 13 times

  • 1.  replace default cert on securelogin with a new one, with multiple common names does not work

    Posted Sep 30, 2016 02:43 AM

    we were replacing the securelogin.arubanetworks.com url that is used for captive portal redirect between clearpass and aruba controller.

    We used the already installed certificate on the controller that has 4 common names/alternatives in it.

    When doing the redirect from clearpass we get a host cannot be found DNS error. This means the controller is not picking up the dns query for some reason, We suspect that its because of the 4 common names that we have in the certificate. Did someone already try to put a cert with alternative names on the arube captive?



  • 2.  RE: replace default cert on securelogin with a new one, with multiple common names does not work

    EMPLOYEE
    Posted Sep 30, 2016 03:32 AM

    Subject alternative names will not be available for use during captive portal authentication. You'll need either a wildcard or standard certificate. Please see here: https://community.arubanetworks.com/t5/Controller-Based-WLANs/ArubaOS-Default-Certificate-Revocation-FAQ-Controllers/ta-p/275809