12-09-2020 11:00 AM
I have a vSZ-H and a physical data plane appliance with a tunneled SSID configured. SSID works fine however, trying to do WebAuth so it gives a certificate error. Installed the 3rd party valid SSL cert (wild card) and still getting an error in the browser. Viewing the certificate it shows, it is still using the Ruckus cert and not the wild card cert that was installed.
Mapped all the services to this cert and here is how it looks like under the SZ as a Server Certificate. What else is missing?
12-09-2020 01:24 PM
You have gone to System - Certificates - Certificates to Service Mapping and chosen your certificate ?
12-10-2020 07:55 AM
Yes services are mapped. Management, AP Portal and HotSpot.
12-10-2020 08:27 AM
If you don't see the cert at all, it could be certificate mapping issue or certificate is not imported correctly.
Try to delete and reimport the cert.
- Export the cert in .cer format with base-64 encoding.
- Export complete chain in the same format (server cert, intermediate and root cert).
- Import the certs in correct sequence and then upload the private key (if key is protected, please use the passphrase).
- Once done, map the certificate with services and apply the settings.
Note: Changing cert to service mapping will restart some services so GUI may not be available for some time (usually 10-15 minutes).
12-10-2020 08:31 AM
Also confirm if you are using web auth with AD and TLS is enabled in server settings.
Authentication with AD+TLS will only work if cert has COMMON NAME set as IP address. This is a known limitation as of latest version.