User Guide

Wi-Fi Array

212 Configuring the Wi-Fi Array

Figure 123. Import Xirrus Certificate Authority

By clicking and opening this file, you can follow your browser’s instructions and

import the Xirrus CA into your CA cache (see page 219 for more information).

This instructs your browser to trust any of the certificates signed by the Xirrus

CA, so that when you connect to any of our Arrays you should no longer see the

warning about an untrusted site. Note however, that this only works if you use

the host name when connecting to the Array. If you use the IP address to connect,

you get a lesser warning saying that the certificate was only meant for ‘hostname’.

Since an Array’s certificate is based on the Array’s host name, any time you

change the host name the Array’s CA will regenerate and resign a new certificate.

This happens automatically the next time you reboot after changing the host

name. If you have already installed the Xirrus CA on a browser, this new Array

certificate should automatically be trusted.

When you install the Xirrus CA in your browser, it will trust a certificate signed

by any Xirrus Array, as long as you connect using the Array’s host name.

Using an External Certificate Authority

If you prefer, you may install a certificate on your Array signed by an outside CA.

Why use a certificate from an external CA? The Array’s certificate is used for

security when stations attempt to associate to an SSID that has Web Page Redirect

enabled. In this case, it is preferable for the Array to present a certificate from an

external CA that is likely to be trusted by most browsers. When a WPR login page