Questions re: AP Pre-Shared Key Authentication

Hello all, I am in the middle of configuring AP pre-shared key authentication on some 450 APs, and I have a few questions regarding the implementation.

  • What are the expected values/syntax for the pre-shared key?  For ePMP, we use a convention close to "xxx-1234" for the WPA2 passphrase.  When we try using a similar convention on PMP450, the Authentication Key box is empty after saving the changes - is this because there is a different syntax expected (i.e. certain # of characters or certain characters not permitted) and the key did not save, or is it normal behavior for the pre-shared key to be invisible from the GUI and act as if no changes were made?  I am pretty sure it is expecting something other than what I am entering, as most saved changes prompt for a reboot.
  • Is there a way to push the auth key configuration via cnMaestro without using the encrypted key?  In the config, the entered key becomes encrypted and stored as "authenticationKeyEncrypted".  Seems to me that to push this change to a bunch of SMs and an AP, you would have to configure the key on one, download the config file to see the encrypted key, and then push a template with "authenticationKeyEncrypted" and "authenticationMode".  


Just in case anyone else comes across this thread looking for this answer…I had the same question, and through a bit of experimentation, I figured out the following:

  • For the 450m, the key needs to be 32 characters in length as a hex string. I found an online text to hex converter and used a 16 character string, which ends up being 32 characters in length when converted to hex. You do NOT include the “0x” at the beginning when pasting that string into the AP’s key field.