cancel
Showing results for 
Search instead for 
Did you mean: 

vSG doesn't allow CSR creation for wildcard certificate?

jim_michael
Contributor
I'm running vSG 3.4.1 and tried to create a CSR for a wildcard certificate, but when I enter *.mydomain.com in the Common Name field it turns red and won't accept that and says I need a "fully qualified domain name" there. Does the vSG really not support wildcard certs? Or am I doing something wrong?
3 REPLIES 3

paresh_patel_77
New Contributor III
Hi Jim,
can you import a certificate?
I have implemented on vSZ-H without even generating CSR.  I am using Wildcard cert for vSZ.

I imported a wild card cert.  Fill out fields Server Cert, Intermediate CA cert and Private key.

and applied cert on Management web and Hotspot(WISPr). 

Hope this helps!!
Image_ images_messages_5f91c430135b77e2479ac5e3_3d7b470e9bcea23e9e27eeb266c6e0c7_RackMultipart201702031165756bs-fb61a2cd-8513-4666-a231-3228212b34af-672984621.JPG1486161712

jim_michael
Contributor
Thanks, Paresh. I was able to export the cert from an IIS box with the key file and it imported fine. Because we use Digicert with unlimited re-issues, I often just do a CSR and get a new cert specific to the device simply because it's so fast and easy... but there appears to be something wrong with the way Ruckus implemented their cert process in vSZ... Once I got around the issue above just by giving it a full hostname (I've never seen a device complain about a wildcard in the common name, but whatever), I then created a CSR, uploaded it to Digicert, got my cert back and attempted to import it, but the vSZ made me either 1. Point at a key file (which I clearly didn't have since the appliance didn't give me one during CSR creation), or 2. Point AT the CSR I'd just created, a drop down in the import UI. That #2 option (my only option) simply does not work... it complains that the key doesn't match the server... so something is broken in their logic, or maybe it's a result of them not accepting a wildcard in the common name and making me add a hostname just to get the CSR created.

Anyway, exporting from another server with the key and importing worked great. Thanks!

@jim_michael hi Jim 

can you help me explain the CSR process 

I’m new to ruckus vsg and I have launched virtual controller on cloud but I haven’t completed the certificate part 

it would be greatly appreciate to point me to right direction on where to start and how to start 

thanks