“Secure Connection Failed” Error when logging into Wireless LAN controller using Firefox

Document

Apr 11, 2011 11:34 AM
Apr 11th, 2011

Introduction:-


“Secure Connection Failed” Error when logging Wireless LAN controller using Firefox"

Description:-


Following error message has been received while browsing into different Wireless LAN controllers.

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Secure Connection Failed:-

An error occurred during a connection to 192.168.1.2. You have received an invalid certificate.  Please contact the server administrator or e-mail correspondent and give them the following information:

Your certificate contains the same serial number as another certificate issued by the certificate authority.  Please get a new certificate containing a unique serial number.

(Error code: sec_error_reused_issuer_and_serial)

The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.


    * Please contact the web site owners to inform them of this problem


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



This is a certificate conflict message. Actually firefox collects certificates and compare all incoming certificates. If these certificates match but come from different sources Firefox throws the certificate conflict message like “Secure Connection Failed”.



Most of the time, controller are installed with the same certificate during production. So when for the first time when you will access the controller, the browser will install this certificate in local certificate list. In case you access any other controller which have the same certificate installed but the source is different, there will be a conflict. It has been noticed that this issue comes only with Firefox and not with IE.  The factory installed certificate on the WLC can be find at MANAGEMENT-->HTTP-->CURRENT CERTIFICATE.

1.jpg

Workarounds/fixes/recommendations:-

Fixing this issue is pretty simple. After you configure your WLC with an IP address, go to MANAGEMENT-->HTTP and click on regenerate certificate.  Once we regenerate the certificate, it will generate a unique certificate with latest validity date. Then reboot the controller for the certificate to take effect. Below is an example of regenerated certificate.

Relevant bug: There is a Bug filed related to this issue and has been fixed.

CSCsg09237:- Controller HTTPS certificates should be unique inserial #

Reference Documents:-

Cisco4400 Series Wireless LAN Controllers - Wireless LAN Controller (WLC) Error andSystem Messages FAQ

Cisco 4400 Series Wireless LAN Controllers - Wireless LAN Controller (WLC) FAQ

IPv6 support on the Wireless LAN Controller

Cisco 4400 Series Wireless LAN Controllers Configuration Examples and TechNotes

Cisco 4400 Series Wireless LAN Controllers - Home Page

Cisco Wireless LAN Controller (WLC) and Cisco ACS 5.x (TACACS+) Configuration Example for  Web Authentication

Other Reference Information about Wireless LAN Controller:-

Initial Configuration of Wireless LAN Controller using CLI and GUI

1.jpg

Average Rating: 5 (2 ratings)

Comments

Actions

Login or Register to take actions

Related Content

Documents Leaderboard