×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

generating CSR for guest wlan

Unanswered Question
Feb 16th, 2012
User Badges:

Hi, I'm confused about the CSR generation in order to get a real certificate so my guest wireless users can trust the network. If I submit my CSR with an internal IP address, how is this certified by organization such as Thawte. I am stuck on generating my CSR at this point. My internal ip address for my virtual interface is 192.168.4.x, I go ahead and use this non-routable address within my CSR? Thanks for any pointers on this subject. I understand the process on how to generate a CSR and upload it, i don't understand what the consequences of using an internal address and dns name will have with my outside entity, Thawte.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
daviwatk Thu, 02/16/2012 - 12:24
User Badges:
  • Bronze, 100 points or more

When you create a CSR, there is no "IP Address" involved.  The CA doesn't need, nor care, about an IP address.  The "common name" is of utomost importance.


When you generate your CSR, the "common name" will be the "name" that needs to resolve (via DNS) to the virtual IP of your WLC.


For instance, you request a common name of "wifiguest.mycompanyname.com"


Your Virtual Address "may" be configured like so (as an example)...

When a client gets "redirected" to wifiguest.mycompanyname.com, your cert with the matching Common Name, will now be applicable to this URL.

Actions

This Discussion

Related Content