ExtremeWireless (WiNG)

NX5500 Controller LDAPS certificate issues with Windows AD

  • 1.  NX5500 Controller LDAPS certificate issues with Windows AD

    Posted 12-18-2018 03:53
    A NX5500 has been configured to use LDAP(S) authentication for admins logging into the management UI portal. I can get the port 389 non-SSL working but not the 636 SSL.

    I have gotten a publicly signed certificate from a CSR generated on the NX5500, and uploaded the CA from the to the NX5500 along with the signed certificate back from said CA and paired them as a trustpoint. When I try to log in, I get an error that I could not - and in my Windows LDAP server I see an error "the certificate chain was issued by an authority that is not trusted."

    I've also issued a certificate signed by my non-public CA and used that certificate on the NX5500, and that throws the same error in the Windows logs. I'm at a loss.

    This could be my lack of knowledge on SSL/Certs - but I have an identical setup working on other devices using LDAP and I don't have this issue. Is this the correct set up ? What isn't being trusted?