This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

What are the implications of using a self-signed certificate for Virtual SmartZone services?

Go to solution
jhoux
New Contributor

‎02-03-2023 09:56 AM - edited ‎02-03-2023 10:04 AM

I am struggling to get a clear answer from the VSZ documentation on Certificates here:
https://docs.commscope.com/bundle/sz-600-adminguide-sz100vsz/page/GUID-81CE1E39-BB53-49F1-B2B0-A5F5C...

My Scenario:
I have been tasked with renewing a certificate on an existing VSZ installation.  The controller currently uses a Comodo-issued certificate.

For reasons outside my control, I believe I will have to coordinate with other people to prove domain ownership to Comodo if I want them to issue another certificate for the host name where the VSZ is hosted.

What I'd much rather do is simply use a self-signed certificate, because its easy to generate one and upload it to the controller.  I am somewhat perplexed by the fact that the existing controller does not already use a self-signed certificate. I don't know what reasons the previous maintainer may have had for getting a Comodo-signed cert. I want to make sure I won't break something by switching to a self-signed cert.

Presently, three services use the existing Comodo cert:
- Management Web
- Hotspot (WISPr)
- Ruckus Intra-Device Communication

The existing Comodo cert does NOT have a Root CA, so the new one shouldn't require one either.  If I switch from a CA-issued cert to a self-signed cert, what implications will this impose?

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
bruno_andrade
RUCKUS Team Member

‎02-03-2023 12:48 PM

Hello, if you use a self-signed certificate, you may expect a security warning when you try to access your vSZ GUI and also for your WISPr users, they will not be redirected smoothly to the WISPr page and some devices maybe not even able to reach your WISPr page due to security risk.

Example of error message:

bruno_andrade_0-1675457092586.png

 

Bruno Andrade | Principal TSE Bulldog Americas | RCNA | CWNA | CWDP
Follow me on LinkedIn

View solution in original post

0 Kudos
1 REPLY 1

Go to solution
bruno_andrade
RUCKUS Team Member

‎02-03-2023 12:48 PM

Hello, if you use a self-signed certificate, you may expect a security warning when you try to access your vSZ GUI and also for your WISPr users, they will not be redirected smoothly to the WISPr page and some devices maybe not even able to reach your WISPr page due to security risk.

Example of error message:

bruno_andrade_0-1675457092586.png

 

Bruno Andrade | Principal TSE Bulldog Americas | RCNA | CWNA | CWDP
Follow me on LinkedIn
0 Kudos
Copyright © 2024 Khoros, LLC