Wireless Access

last person joined: 23 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

CPPM cluster and wildcard cert ??

This thread has been viewed 5 times

  • 1.  CPPM cluster and wildcard cert ??

    Posted Dec 23, 2016 05:54 AM

    Hi all, can someone assist ?

    I have 2 x CPPM HW appliances in publisher subscriber.

    Want to use captive portal pointing to th VIP address, all working and ok.

    Next step is a publicly signed SSL wildcard cert.

    What is the process, do i need a CSR request off both physical devices ?

     

    Thanks

     



  • 2.  RE: CPPM cluster and wildcard cert ??

    EMPLOYEE
    Posted Dec 23, 2016 07:44 AM

    You would be applying the same certificate everywhere and only would have to request it once.  Most people who request a wildcard certificate use an offline utility like openssl.  ClearPass will not allow you to put a * in the hostname, anyway so you cannot create the CSR with clearpass.  Please see the Certificates 101 document here:  https://support.arubanetworks.com/Documentation/tabid/77/DMXModule/512/Command/Core_Download/Default.aspx?EntryId=19184 to understand wildcard certificates and how you would apply it.



  • 3.  RE: CPPM cluster and wildcard cert ??

    Posted Dec 23, 2016 07:48 AM
    You only need once cert for both boxes using a common name /dns entry for the cluster VIP and if you want to use that cert for other purposes (URLs/Common Names with DNS aliases) you can then assign SANs


  • 4.  RE: CPPM cluster and wildcard cert ??

    Posted Dec 23, 2016 09:41 AM

    Cheers for the info, and the document, so it seems using openssl is the answer, thanks.