CommScope RUCKUS Community Forums

bc_chamberlin · ‎05-11-2014

Trying to get a demo of Secure Hotspot up and running. We're using ZD 1100 V9.6 Hotspot setup with RADIUS. RADIUS & ZD 'Test' Connection Okay.

But getting this error message (on the client device) when connecting to open-dpsk (our open WLAN): (for this test we're using the unrestricted login script)

Traceback (most recent call last):

  File "/usr/lib/cgi-bin/xmlcommon.py", line 313, in sendXmlString


    c.perform()


error: (51, "SSL: certificate subject name (Ruckus Wireless ZoneDirector SN-401123000658) does not match target


 host name '192.168.2.4'")

Content-type: text/html

Unrestricted user generation failed: No response from ZoneDirector

If we change to HTTP at port 80 by changing out HTTPS at 433 in /usr/lib/cgi-bin/hotspot_unrestricted.py we don't get the SSL error, but we get redirected back to unrestricted login page when we click 'I Agree'

We've verified Northbound Passwords, sever_loc, and Secure SSID on both sides...

Struggling here...appreciate any advice, Thanks

alberto_de_la_c · ‎05-14-2014

But, as Keith said, did you replace the line or add it?

You should have both in your code:

c.setopt(pycurl.SSL_VERIFYPEER, False)
c.setopt(pycurl.SSL_VERIFYHOST, False)

have you tried this?

bc_chamberlin · ‎05-14-2014

Yes, I added the new line just as you have shown above.

c.setopt(pycurl.SSL_VERIFYPEER, False)
c.setopt(pycurl.SSL_VERIFYHOST, False)

I will go back and try again. Thanks.

paul_cross_6661 · ‎02-20-2015

Hi,

I'm having the exact same problem, I've added the SSL_VERIFY HOST entry but am now getting the error 500.

If I run the .py file from terminal (I've hard coded the form values) I get this:

* About to connect() to 10.97.0.12 port 443 (#0)

* Trying 10.97.0.12... * connected

* Connected to 10.97.0.12 (10.97.0.12) port 443 (#0)

* found 141 certificates in /etc/ssl/certs/ca-certificates.crt

* server certificate verification SKIPPED

* common name: Ruckus Wireless ZoneDirector SN-171308000099 (does not match '10.97.0.12')

* server certificate expiration date OK

* server certificate activation date OK

* certificate public key: RSA

* certificate version: #3

* subject: C=US,ST=CA,O=Ruckus Wireless\, Inc.,CN=Ruckus Wireless ZoneDirector SN-171308000099

* start date: Thu, 18 Jul 2013 02:02:12 GMT

* expire date: Fri, 14 Jul 2028 02:02:12 GMT

* issuer: CN=Ruckus Wireless ZoneDirector Internal CA SN-171308000099,O=Ruckus Wireless\, Inc.,ST=CA,C=US

* compression: NULL

* cipher: ARCFOUR-128

* MAC: SHA1

> POST /admin/_portalintf.jsp HTTP/1.1

User-Agent: PycURL/7.19.7

Host: 10.97.0.12

Accept: text/xml

Accept-Charset: UTF-8

Content-Length: 175

Content-Type: application/x-www-form-urlencoded

< HTTP/1.1 200 OK

< Date: Fri, 20 Feb 2015 22:55:24 GMT

< Server: Embedthis-Appweb/3.4.2

< Cache-Control: no-cache

< Content-Length: 101

< Connection: keep-alive

< Keep-Alive: timeout=5, max=99

< Last-Modified: Fri, 20 Feb 2015 22:55:24 GMT

< Content-type: text/xml

< Cache-control: no-cache="set-cookie"

< Set-Cookie: -ejs-session-=x6e5951bc9766a677250946238c588b93; path=/;

< X-Appweb-Seq: 1846864

<

* Connection #0 to host 10.97.0.12 left intact

* Closing connection #0

;

Any ideas?

paul_cross_6661 · ‎02-26-2015

OK, fixed that problem - had to change the urls to http instead of https -

from nbi_url = "https://" + zd_ip + "/admin/_portalintf.jsp"
to
nbi_url = "http://" + zd_ip + "/admin/_portalintf.jsp"

Different error now, but script has got further and is telling me there's a problem in xmlcommon now.

CommScope RUCKUS Community Forums

Secure Hotspot with V9.6