Looks like Cisco has a leap year certificate bug when generating certs (I only tried it on web-admin certs) today, Feb 29th, 2008. If you generate a cert for your controller today, you won't have HTTPS login as your cert will be invalid, Feb 29th, 2008 to Feb 29th, 2018. Well, 2018 is not a leap year so that cert would be invalid. I would suggest you use yesterday's date or tomorrow's date if you are generating certs, as that is the workaround. This goes for flashing IOS APs to LWAPP also. If you're doing it remotely, you don't want invalid certs out there as your APs would never join the controller. I think Cisco may have to investigate this as a bug.