Note
Tunneling between an AP and a controller is also certificate based, but tunneling supports the ExtremeCloud IQ Controller pre-installed Manufacturer certificate, which is different than a certificate used for AP 802.x authentication to the network. Uploading certificates to the AP (or enabling PEAP on the profile), is used for 802.1x authentication function.On ExtremeCloud IQ Controller you can generate a unique .csr file for each AP. Then, send the .csr file to the certificate authority to be signed and returned as a unique .cer signed certificate. Another option is to apply a generic certificate (.pfx file) that you export from the certificate authority. Generic .pfx certificates can be applied to more than one AP.
Zip files can contain more than one unique .cer certificate. ExtremeCloud IQ Controller applies each certificate to the appropriate AP based on the identifying property: serial number, AP name, or MAC address. The zip file can also contain one generic .pfx file that can be applied to multiple APs. However, uploading a single zipped .cer certificate to multiple APs is not supported. Consider this when selecting more than one AP for certificate management.
To manage certificates, go to . Select one or more access points and select .
From the Access Point List, you can verify that a certificate has been applied. Select the CERT column for display.
