The Certificates application is used to create/upload the following certificates:

  • Web Server/External Portal Server Certificate - Used to establish a secure connection between OmniVista Cirrus and APs when using the Web UI Device Management Tool as well as a secure connection to an External Portal Server.

  • Local LDAP Certificate - Used to establish a secure connection between an AP and a Local LDAP Server.

Once the certificates are created/uploaded, they are applied to Access Points at the AP Group level using the AP Group Screen. An Access Point retrieves the certificates to use from the AP Group to which the AP belongs. Each AP Group is associated with a Provisioning Configuration. APs that are members of the AP Group utilize the Provisioning Configuration to boot up and get a basic configuration. The associated Provisioning Configuration is where the certificates to use are specified.

A Certificate file is an Organization-level entity. The Certificate is created in an Organization with a name that is unique across the entire Organization. You can not create two Certificates with the same name in the same Organization.

To manage the Certificates configuration, navigate to the Certificates screen by clicking on Wireless > Advanced > Certificates under the “Configure” section of the OmniVista Cirrus Menu.

The Certificates screen is where you can view existing certificate information, create/upload, edit, and delete certificates. The screen provides a separate tab for each of the two types of certificates. Click on the desired tab to view existing certificates and/or create new ones.

Creating a Certificate

Click on one of the two tabs shown to select which certificate you want to create and upload.

Creating an Access Point Web/External Portal Server Certificate

Select the Access Point Web/External Portal Server tab on the Certificates screen, then click on Create AP Web/External Portal Server Certificate to open the following screen to define the certificate information:

Complete the fields as described below, then click on Create AP Web/External Portal Server Certificate when you are finished creating/uploading the certificate.

  • Name - The name of the certificate file.

  • File - Click on Browse to locate the PEM file to upload.

  • Password - The Private Key Password to use when generating the key file.

  • Confirm- Re-enter the password.

  • Description - Enter a description for the certificate file.

Important Note: APs only support certificates based on FQDN, not IP Address. When generating the CSR file, you must match the "CN" field to the URL "mywifi.al-enterprise.com".

Creating a Local LDAP Certificate

Select the Local LDAP tab on the Certificates screen, then click on Create Local LDAP Certificate to open the following screen to define the certificate information:

Complete the fields as described below, then click on Create Local LDAP Certificate when you are finished creating/uploading the certificate.

  • Name - Enter a Name for the Certificate.

  • Upload CA File - Click on Browse to locate and import the LDAP Server's CA Certificate (PEM or DER encoded certificates only).

  • Upload Server File - Click on Browse to locate and import the AP Certificate File (PEM or DER encoded certificates only).

  • Upload Server Key File - Click on Browse to locate and import the AP Certificate Private Key File.

  • Private Key Password - Enter a Private Key Password to encrypt the key file when generating the CA File.

  • Repeat Private Key Password - Re-enter the Private Key password.

Editing a Certificate

The only attribute you can edit is the description of a Web Server/External Portal Server Certificate (Local LDAP certificates cannot be edited). Click on Access Point Web/External Portal Server tab and select the certificate in the Certificate List, then click on the Edit icon under the “Actions” column. When you are done editing the description, click on Save.

Deleting a Certificate

To delete either type of certificate, select the certificate in the Certificate List and click on the delete icon under the “Actions” column. When the confirmation prompt appears, click on Delete to delete the selected certificate.

You cannot delete an AP Web/External Portal Server Certificate if it is associated with a Provisioning Configuration.

Certificate List

Web Server/External Portal Server File

  • Name - The name of the certificate file.

  • Type - The type of certificate (Web Server/External Portal Server, Local LDAP).

  • Validity Start Time - Validity starting time of the certificate file.

  • Validity Stop Time - Validity ending time of the certificate file.

  • Format - The format of the certificate file (e.g., .pem).

  • Description - User-configured description for the certificate file.

  • Issuer - The entity that issued the certificate.

  • Serial Number - Serial number of the certificate.

Local LDAP File

  • Name - The name of the certificate file.

  • Type - The type of certificate (Web Server/External Portal Server, Local LDAP).

  • Validity Start Time - Validity starting time of the certificate file.

  • Validity Stop Time - Validity ending time of the certificate file.

  • CA File Name - The name of the CA file.

  • Server File Name - The name of the certificate file.

  • Key File Name - The name of the key file.

  • Issued By- The entity that issued the certificate.

  • Issued To - The entity to which the certificate was issued.