cancel
Showing results for 
Search instead for 
Did you mean: 

Certificate issue for a tunneled SSID

ali_db0udsohr2q
Contributor

I have a vSZ-H and a physical data plane appliance with a tunneled SSID configured.  SSID works fine however, trying to do WebAuth so it gives a certificate error.  Installed the 3rd party valid SSL cert (wild card) and still getting an error in the browser.  Viewing the certificate it shows, it is still using the Ruckus cert and not the wild card cert that was installed. 

Mapped all the services to this cert and here is how it looks like under the SZ as a Server Certificate.  What else is missing?

Image_ images_messages_5fd11ee9c7b3b92d0a9be77d_34d1109f012fdfc503bb15b8af683dc7_image-004cfa07-9ac4-4597-a83d-8cfb3a36a2ec-879288554.png
15 REPLIES 15

pasquale_monar2
New Contributor III

You have gone to System - Certificates - Certificates to Service Mapping and chosen your certificate ?

Yes services are mapped.  Management, AP Portal and HotSpot.

If you don't see the cert at all, it could be certificate mapping issue or certificate is not imported correctly.

Try to delete and reimport the cert.

Recommended procedure:

- Export the cert in .cer format with base-64 encoding.
- Export complete chain in the same format (server cert, intermediate and root cert).
- Import the certs in correct sequence and then upload the private key (if key is protected, please use the passphrase).
- Once done, map the certificate with services and apply the settings.

Note: Changing cert to service mapping will restart some services so GUI may not be available for some time (usually 10-15 minutes).

Regards,
Syamantak Omer
Official Rep | Staff TSE | CWNA | CCNA | RASZA | RICXI

Also confirm if you are using web auth with AD and TLS is enabled in server settings.

Authentication with AD+TLS will only work if cert has COMMON NAME set as IP address. This is a known limitation as of latest version.

Regards,
Syamantak Omer
Official Rep | Staff TSE | CWNA | CCNA | RASZA | RICXI