Have a Question?
< All Topics
Print

Replace Default SSL Cert in Aruba Instant AP

Step to replace default SSL Cert in Aruba Instant AP

Default SSL Cert for Captive Portal

User will get the following error message whenever they try to connect to GUEST WIFI with Captive Portal configured with Aruba Instant AP

Replace Default SSL Cert in Aruba Instant AP for Captive Portal

The default SSL Cert used in Aruba Instant AP can be replaced with

  1. Comodo PositiveSSL – Purchased it with less than USD 10 per year with a single domain name, like wifi.aventistech.com

  2. Let’s Encrypt free SSL Certificate – Generate it following Generate Wildcard SSL Certificate from Let’s Encrypt. However, Let’s Encrypt SSL Certificate need to be renewed every 3 months

Let’s Encrypt Wildcard SSL Certificate is used in this lab

  1. Convert fullchain.PFX to PEM format

The SSL Certificate used for Captive Portal need to include the information of Certificate, Intermediate & Private Key

openssl pkcs12 -in fullchai.pfx -out fullchain.pem -nodes
  1. Install Solarwinds TFTP Server (FREE) on Windows 2019 Server (192.168.1.232)
  2. Copy the AventisLab.pem to C:\TFTP-Root
  3. SSH to Aruba IAP 315 and upload the pem Cert for cpserver (Captive Portal)
IAP315# copy tftp 192.168.1.232 fullchain.pem cpserver cert P@ssw0rd!@#$

captiveportal-login is used as hostname for wildcard cert or hostname defined in SSL Certificate will be used

The Captive Portal will be associated with the public SSL Certificate uploaded now

replace default SSL Cert in Aruba Instant AP

Replace Default SSL Cert in Aruba Instant AP for WebUI

  1. Convert PFX to PEM format
openssl pkcs12 -in cert.pfx -out cert.pem -nodes
  1. Copy the cert.pem to C:\TFTP-Root
  2. SSH to Aruba IAP 315 and upload the pem Cert for WebUI (uiserver)
IAP315# copy tftp 192.168.1.232 cert.pem uiserver cert P@ssw0rd!@#$ format pem

#Commit Changes
commit apply

The uploaded SSL Certificate is applied when you Login to https://iap.aventislab.com:4343

Reference Link https://www.arubanetworks.com/techdocs/Instant_41_Mobile/Advanced/Content/UG_files/Authentication/Certificates.htm#Loading

Table of Contents
Scroll to Top