I have a few questions about certificates as I am debating on purchasing a 3rd party certificate for webauth clients. I'm running WCS 220.127.116.11 and my 4404's are on 18.104.22.168.
1. Which type of certificate is preferred, between self-signed and 3rd party (verisign, rapidssl, etc)? Which works better and is easier to set up between the two types?
2. Does the CN need to be the virtual interface's DNS hostname, or can it be the actual virtual address (22.214.171.124)?
3. If it needs to be DNS, does the CN have to be 'hostname.domain.com' or just 'hostname'?
4. Does the DNS name for the virtual interface need to be registered and active on the DNS servers?
5. If self-signed certificates are preferred, how do I change the parameters (ie, the CN) of the certificate on the controllers to remove the error messages of 'invalid hostname' by putting in a valid one?
6. Will having a valid certificate affect any other WLAN/SSID in some way (that don't have webauth)?
Thank you for your time on answering these.