cancel
Showing results for 
Search instead for 
Did you mean: 

Unleashed AP provide SHA-1 cert, Android phones reject it, thus no internet

axel_robbe
New Contributor III
Hi,

We've been working on some Ruckus Unleashed APs recently and we've run into several issues along the way. Most of which we were able to tackle. However, after installing the APs in several buildings of a client, we discovered Android phones do not work over guest access wifi. This has to do with the certificate being used from the Ruckus APs.
Chrome bugs over a SHA-1 cert, which is considered weak, thus the phone does not have an internet connection.

I've tried to set the certificate setting to 2048 bits, but this didn't solve anything as visible on the last picture.

Anyone any idea if this is fixable? Our APs use the latest software version. 100.1.9.12.62



Image_ images_messages_5f91c3ec135b77e2478e634f_3ac0a0a91d45ded32c7ba4e4fe6f8be5_RackMultipart20160920246782eex-246cfb2f-2b63-46b4-a0d1-07f22daea9c5-1857191207.jpg1474403116Image_ images_messages_5f91c3ec135b77e2478e634f_ee4f16598faca56a58a8328d5c1a7da7_RackMultipart20160920129030zof-7cde21e9-ba18-4dfc-99de-b3bbeaa657d6-736499351.jpg1474403167Image_ images_messages_5f91c3ec135b77e2478e634f_b3679f96e0ab67d19ee7c36a2f217c88_RackMultipart2016092077929wgws-7a60f639-3700-46cc-872f-166eef48ec0e-1265490876.jpg1474403179
2 REPLIES 2

nat_nat
Contributor II
Are you using self-signed certificate or your own signed certificate? If you are using self-signed certificate then likely by upgrading to upcoming version 200.2 should fix it as the new self-signed certificates are using SHA-256.

If you are using your own signed certificate please ensure that certificate is SHA-256.

axel_robbe
New Contributor III
It appears it's a selfsigned cert. I thought otherwise looking at the CA.
Nevertheless, is it fixable right now without setting up my own CA?
Can I force the guestpage to use HTTP? (I now it's not safe, but I need a workaround now)