Unleashed AP provide SHA-1 cert, Android phones reject it, thus no internet

  • 1
  • Question
  • Updated 11 months ago
Hi,

We've been working on some Ruckus Unleashed APs recently and we've run into several issues along the way. Most of which we were able to tackle. However, after installing the APs in several buildings of a client, we discovered Android phones do not work over guest access wifi. This has to do with the certificate being used from the Ruckus APs.
Chrome bugs over a SHA-1 cert, which is considered weak, thus the phone does not have an internet connection.

I've tried to set the certificate setting to 2048 bits, but this didn't solve anything as visible on the last picture.

Anyone any idea if this is fixable? Our APs use the latest software version. 100.1.9.12.62



Photo of Axel Robbe

Axel Robbe

  • 19 Posts
  • 4 Reply Likes

Posted 11 months ago

  • 1
Photo of Nat Chidambaram

Nat Chidambaram

  • 44 Posts
  • 21 Reply Likes
Are you using self-signed certificate or your own signed certificate? If you are using self-signed certificate then likely by upgrading to upcoming version 200.2 should fix it as the new self-signed certificates are using SHA-256.

If you are using your own signed certificate please ensure that certificate is SHA-256.
Photo of Axel Robbe

Axel Robbe

  • 19 Posts
  • 4 Reply Likes
It appears it's a selfsigned cert. I thought otherwise looking at the CA.
Nevertheless, is it fixable right now without setting up my own CA?
Can I force the guestpage to use HTTP? (I now it's not safe, but I need a workaround now)