WiSM Cert issue.

Unanswered Question
Aug 26th, 2008
User Badges:

We are using the internal customized web frontend. We do have a VeriSign cert (.pem) loaded pointing to our virtual interface. For the most part this works in IE but only if you do the custom updates and get the Certificate updates. We are getting users that are using Safari and Firefox that always get the cert warning (Unless they accept it permanently). Is there any way to get this to work properly across the board?

I did read that the WLCs do not accept chain certs. Is Cisco making any plans to do so in the future?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
BRYN JONES Mon, 09/01/2008 - 02:44
User Badges:


We had issues with chained certificates and after pressing Cisco go the following response:

'just had confirmation from the Business Unit that the Chained Certs feature did make the 5.1 release, its just not been documented in the release notes.

These are now being updated, but FYI

5.1 for Web-Auth

5.1 MR1 (Maintenance Release 1) for 802.1X'

Seems that 5.1 WiSM s/w does do chained certs, they just forgot to tell us!

BRYN JONES Mon, 09/01/2008 - 05:13
User Badges:


Have you entered the DNS name for your Digital Certificate in the 'DNS Hostname' field of the virtual interface?

It is under Controller > Interfaces > virtual > DNS Hostname

We had something similar and this seemed to work

dbentley Tue, 09/02/2008 - 07:08
User Badges:

yes, that is in place. We are getting ready to upgrade to 4.2.130 tomorrow. I am hoping this might fix some of our issues.

dbentley Fri, 09/12/2008 - 05:05
User Badges:

We did our upgrade yesterday. All went weel for the most part. This did not resolve the Certificate issue (not that I was assuming that it would). Hopefully it really fixed the bugs that we were having in the 4.2.61 code. If anyone has any other ideas or how I could get a "root" certificate I would be glad to listen.

Scott Fella Fri, 09/12/2008 - 05:54
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

RapidSSL issues Root CA certificates. I used them on all my installs where I need a 3rd party certificate for WebAuth. Just make sure you get a 3 or 5 year certificate, so you don't have to worry about it for a while.

ciske.remmetts Mon, 09/15/2008 - 06:11
User Badges:

Which certificate on the RapidSSL site have you chosen for the WISM? Or do you have a link? Thanks.


This Discussion



Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode