Like the majority of server systems you will install your SSL certificate on the same server where your Certificate Signing Request (CSR) was created. Your private key will always be left on the server system where the CSR was originally created. Your SSL certificate will not work without this private key file. We will assume that this is the original system.
To install your SSL certificate on Aruba ClearPass Policy Manager (CPPM) perform the steps below:
Step 1: Downloading your SSL Certificate its Intermediate CA and Root certificate:
For a Complete installation of your Server certificate on your Cisco WLC you will need three things. Your Server Certificate, Its Intermediate CA, and its Root Certificate. You will create a master all-certs.pem file that will need to be converted into a .pfx file with the private key that was created during CSR creation.
- If you had the option of server type during enrollment and selected Other you will receive a x509/.cer/.crt/.pem version of your certificate within the email. Alternately you can access your Certificate User Portal by the supplied link in the email to pick up the x509 version of your certificate.
- On your computer operating system open a standard text document or notepad. For example you can right click on your desktop on windows go New and select Text Document.
- Copy the SSL certificate and make sure to copy the —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—– header and footer Ensure there are no white spaces, extra line breaks or additional characters.
- If your intermediate CA certificate for your product is not in the body of the email you can access your Intermediate CA also in a link within that email typically or contact your CA for Support. Click here to see a list of intermediates and roots the SSL Support Desk has on file.
- Copy and paste the contents of your Intermediate and root certificate into the same Notepad/Text Doc of your Server Certificate. You should have one file that looks like this and saved with what ever name you like with a .pem extension.
Note: Some CA’s may give you an apache intermediate bundle. This will consist of two intermediates stacked on top of each other. These two intermediates are to be kept together and inserted into the example below when making your master all-certs file for installation.
——BEGIN CERTIFICATE——
*Server Device/SSL cert*
——END CERTIFICATE——
——BEGIN CERTIFICATE——
*Intermediate CA cert *
——END CERTIFICATE——–
——BEGIN CERTIFICATE——
*Root CA cert *
——END CERTIFICATE——
- Saved the combined Notepad file with all the certificates SSL certificate Intermediate & root CA certificates. Specify this file with any name as you wish with a .pem extension. Example: all-certs.pem
Step 2: Installing your SSL Certificate ad private key:
- Open your Aruba ClearPass CPPM.
- Navigate to Administration > Certificate > Server Certificate.
- Click Import Server Certificate.
- In the Import Server Certificate pop-up screen specify the following:
- Certificate File: Click Choose File and specify the location and path of your SSL/Intermediate/Root .pem file.
- Private Key File: Click Choose File and specify the location and path of your CertPrivaKey.pkey file you created during CSR creation.
- Private Key Password: Enter the password you used when you created your private key during CSR creation.
- Click Import.
- If you receive no error messages then you should see your SSL certificate, its Intermediate CA, and their Root CA certificate.
Your SSL Certificate is now installed on your Aruba ClearPass Policy Manager.
If you are unable to use these instructions for your server, Acmetek recommends that you contact either the vendor of your software or the organization that supports it.
Aruba ClearPass Support:
For more information refer to Aruba ClearPass.