ITC/3AV WIKI

User Tools

Site Tools

Trace: how_to_create_a_certificate_for_instant_captive_portal_using_open_ssl_and_a_certificate_authority
aruba_networks:controller:aruba_instant_virtual_controller:how_to_create_a_certificate_for_instant_captive_portal_using_open_ssl_and_a_certificate_authority

HOW TO CREATE A CERTIFICATE FOR INSTANT CAPTIVE PORTAL USING OPEN SSL AND A CERTIFICATE AUTHORITY

Creating and Installing a Captive Portal Certificate on Instant from a Public CA

Due to the Advisory here: https://community.arubanetworks.com/t5/Controller-less-WLANs/ArubaOS-Default-Certificate-Revocation-FAQ-Instant/ta-p/275814 all users should be uploading either a self-signed or CA certificate on instant. Below are instructions for a public CA. Please keep in mind that instant does not have a facility to create a CSR or certificate signing request that is needed for a CA, so you have to create your own using OpenSSL. Open SSL can be downloaded here: https://wiki.openssl.org/index.php/Binaries

Steps:

Create a CSR to submit to your Certificate Authority by typing the following on the commandline:

openssl req -newkey rsa:2048 -keyout privatekey.key -out mycsrfile.csr

You should see the following happen:

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

Please enter the following 'extra' attributes

to be sent with your certificate request [optional….can be skipped]

A challenge password []:

An optional company name []:

In the same directory, you should find two files:

1. key, which is your private key (you will need this later, along with the passphrase you entered twice)

2. csr which is what you will upload to the CA, either by opening with a text editor and copying and pasting or by uploading the mycsrfile.csr to the CA that will issue your server certificate.

Upload or copy and paste the contents of the mycsrfile.csr to the certificate authority when it asks you to. After you do that certificate authority will either allow you to download or will email you two files:

The server certificate

The full certificate chain of the CA.

To put it into the proper format, you need to open the two text files the CA gives you back, along with the privatekey.key file in a text editor. Also, create a new blank text file that you will be copying and pasting all of the files into:

Using a text editor, Copy and paste the contents of the three files in this order into a blank text editor page:

1. The server certificate that the CA gave you

2. The intermediate and CA cert file the CA gave you (the root bundle).

3. The contents of the privatekey.key file

It should look something like this:

Humberto Villanueva 2020/10/30 12:37

aruba_networks/controller/aruba_instant_virtual_controller/how_to_create_a_certificate_for_instant_captive_portal_using_open_ssl_and_a_certificate_authority.txt · Last modified: 2020/10/30 12:41 by hvillanueva
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki