Replace LWAPP ssc (self-signed-certificate)

Unanswered Question
Feb 26th, 2008


is it possible to replace the standard lwapp ssc against one of our company CA-certificates to allow the wlc to check the correctness of the aps certificate ? (button under security/aaa/ap policies -> Authorize AP agains aaa on the wlc) Is there maybe any guide, which i can't find on ? :) When iam connected to the lwapp via console i can see or modify the sscs.

Thanks for feedback/suggestions

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Richard Atkin Sun, 03/02/2008 - 09:50

The WLC is hard coded with certificates from Cisco, as are Cisco Access Points. The two devices mutually authenticate each other using these (x.509) certificates, and there's nothing you can do about that I'm afraid - any Cisco WLC will always trust any Cisco AP.


If your approach is from the perspective of preventing unauthorised Cisco APs from connecting to your WLC, then you can use the AAA feature you mention.

Take a look here...



dneckermann Sun, 03/02/2008 - 21:57

Thank you Richard for that link. Thats exactly what iam looking for !


This Discussion



Trending Topics - Security & Network