Recently one of our clients has installed a SonicWall unit and wants to enable DPI. All the domain users machines are managed so we can push out the DPI-SSL certificate easily to them. I need to figure out how to deploy the certificate across the guest network when visitors arrive on site. It can't be expected to manually install certificates on every guest users device.
My initial idea was just to purchase an SSL cert, import that into the SonicWall unit and the Ruckus ZD. However from reading a knowledge base I found the following:
"You cannot request a DPI-SSL CA certificate from a commercial certificate authority
- Commercial certificate authorities will not issue certificates with Certificate Signing or Certificate Re-signing authority."
Plan B was to use OpenSSL to generate my own cert but how will I get the ZD to then trust that.
Any help on the matter would be greatly appreciated.