Controllerless Networks

 View Only

  • 1.  Captive Portal Certificate

    Posted Dec 13, 2023 12:39 PM

    Hi, 

    We've recently moved our college wifi system from Cisco to Aruba with the help of a 3rd party. In doing so, we have come across the fact that when our users are logging onto the portal they are greeted by a "This site cannot be trusted" message. From reading various blogs/community posts, I believe that we can get around this by updating the cert to one of our own public signed certificates. If we do this and create the certificate for "wifi-login.ourdomain.com" for example, how does the virtual controller know that this is now the URL of the captive portal and not securelogin.arubanetworks.com?

    Thanks in advance.



  • 2.  RE: Captive Portal Certificate

    Posted Dec 14, 2023 05:46 AM
    Edited by HN-49f123 Dec 14, 2023 05:46 AM

    https://community.arubanetworks.com/discussion/ssl-certificate-installation-on-internal-captive-portal



    ------------------------------
    NHN
    ------------------------------



  • 3.  RE: Captive Portal Certificate

    Posted Dec 14, 2023 06:08 AM

    It does read that from the certificate, it will take the first SAN (Subject Alternative Name) and listen for that fqdn for captive portal.

    If you have CLI access, the command 'show captive-portal-domains' under 'Internal captive portal domain' shows what the AP has configured from the certificate. That is used if you use the internal captive portal, but also when using an external captive portal as the authentication address.

    AP-515# show captive-portal-domains

Internal Captive Portal Domain:
securelogin.hpe.com

External Captive Portal Domains:
cppm.arubalab.com


    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------



  • 4.  RE: Captive Portal Certificate

    Posted Jan 06, 2024 01:52 AM

    you can also use "show cert all" to see all the certificates that are installed.



    ------------------------------
    If my post was useful accept solution and/or give kudos.
    Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
    ------------------------------

    Original Message


Related Content