Move web auth certificate

s.hellman · ‎01-25-2010

We had a 4404 named ugs_wifi_01.<domain> with a 3rd party SSL certificate for the web auth.

Now we have bought two 5508 and sold the old 4404. The new controllers are named uv-wifi-01.<domain> and uv-wifi-02.<domain> (the same domain as the old 4404). Is there any way to reuse the SSL certificate on these new controllers? I did try to upload the certificate but I got

"Upload failed"

"%SSHPM-3-KEYED_PEM_DECODE_FAILED: sshpmcert.c:4028 Cannot PEM decode private key"

I guess that is because the name of the controller is different.

zhenningx · ‎01-26-2010

You should be able to reuse the ssl cert on the new WLC. But your clients will get security errors about domain name mismatch.

When you download the cert to the WLC, you should download the cert and private key bundle from the old WLC, not just the cert itself. The error seems like the private key is missing or not match.

This doc may be helpful:

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00806e367a.shtml

zhenning

pls rate the helpful posts

s.hellman · ‎01-27-2010

I set the name of the old controller on the virual interface on the new controllers, and then I could

run the old certificate without any errors and warnings!

rlaplante@bhfs.com · ‎08-21-2013

This worked for me. I was using OpenSSL v1. instead of 0.9.8.

Reference...

http://pvoord.wordpress.com/2012/06/20/importing-3rd-party-certificate-on-cisco-wlc/

rlaplante@bhfs.com · ‎08-21-2013

This worked for me. I was using OpenSSL v1. instead of 0.9.8.

Reference...

http://pvoord.wordpress.com/2012/06/20/importing-3rd-party-certificate-on-cisco-wlc/