Hello, when connecting to ZoneDirector via web browser, I get the 'untrusted site' error. How do I download the ZoneDirector root CA certificate so I can install in my 'trusted root cert' folder to prevent these warnings ? I don't need to purchase a commercial cert just for admin access to ZoneDirector.
Because Ruckus is not an official Certificate Authority (CA), our ZD root cert is therefore "untrusted" in that you will receive an SSL warning when you open a browser interface. You would need to purchase a 3rd party CA certificate and install it on the ZoneDirector to avoid these warning prompts. Most customers, simply agree to create an exception, and continue.
Working with SSL Certificates SSL certificates enable device or user identification, as well as secure communications. ZoneDirector captive portal services and the web UI use an SSL certificate when establishing HTTPS connections. The default SSL certificate that is installed on the ZoneDirector is self-signed and therefore not trusted by any web browser. This is the reason why the SSL security warnings appear when establishing an HTTPS connection to the ZoneDirector. To eliminate the security warnings, administrators may purchase a trusted SSL certificate from a public Certificate Authority (CA) such as VeriSign and install it on the ZoneDirector.
Basic Certificate Installation The certificate installation process is as follows: • Generate a Certificate Signing Request (CSR) with the required requester information. • Submit the CSR to a public CA for signing. • Receive a signed certificate from the CA. • Import the signed certificate into ZoneDirector.
Generating a Certificate Signing Request If you do not have an existing SSL certificate, you will need to create a certificate signing request (CSR) file and send it to a certificate authority (CA) to purchase an SSL certificate. The ZoneDirector web interface provides a form that you can use to create the CSR file. Fields with an asterisk (*) are required entries. Those without an asterisk are optional.
The Configure > Certificate form allows you to perform the following actions: • Generate a certificate signing request. • Import a signed certificate. • View the currently installed certificate. • Advanced Options link displays additional options • Restore the default private key and certificate. • Backup private key and certificate. • Generate a new private key.
To create a certificate request file (CSR): 1 Go to Configure > Certificate. 2 In the Generate a Request section, complete the following options: • Common Name*: Enter ZoneDirector’s Fully Qualified Domain Name (FQDN). Typically, this will be “zonedirector.[your company].com”. You can also enter ZoneDirector’s IP address (e.g., “192.168.0.2”), or a familiar name by which the ZoneDirector will be accessed in your browser (e.g., by device name such as “ZoneDirector”).
NOTE: Ruckus Wireless recommends using the FQDN as the Common Name if possible. If your network does not have a DNS server, you may use ZoneDirector’s IP address instead. However, note that some CA’s may not allow this.
Hello Michael. Thank you. I realise the reason is because the ZD root cert is untrusted. What I am asking is why can you not provide the ZD root cert to users so we can install in our 'trusted root folders'. Then our browsers will trust the ZD cert inherently without having to agree to 'make an exception' when the browser prompts about the untrusted cert.
I'm using godaddy cert. and it is successfully installed on my Ruckus ZD3000. at least the administrator portal is working fine. HOWEVER, all of my guest portal (with / without onboard landing) doesn't work.