Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Error installing certificate with Cisco 5508 7.4.110

hi All,

I am getting Error while installing the web certificate on a WLC.

      

(Cisco Controller) >transfer download start

Mode............................................. TFTP
Data Type........................................ Site Cert
TFTP Server IP................................... 10.225.5.11
TFTP Packet Timeout.............................. 6
TFTP Max Retries................................. 10
TFTP Path........................................ ./
TFTP Filename.................................... final-cert.pem


This may take some time.
Are you sure you want to start? (y/N) y

TFTP Webauth cert transfer starting.

TFTP receive complete... Installing Certificate.

Error installing certificate.

the Copy works fine but for some reason installation doesnt complete. I am having issues even with GUI mode.

Please let me know what is should do.

Everyone's tags (2)
13 REPLIES
Hall of Fame Super Silver

Re: Error installing certificate with Cisco 5508 7.4.110

Typically when I have seen that, is because of the certificate not properly converted to a pem file. Did you follow the instructions on the link below?

http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080a77592.shtml

Also I know there are issues with OpenSSL v1 and I have been using various versions of OpenSSL v0.9.8

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
Hall of Fame Super Silver

Re: Error installing certificate with Cisco 5508 7.4.110

Here is a link to OpenSSL Light v9.8 that I use

http://slproweb.com/products/Win32OpenSSL.html

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
New Member

Error installing certificate with Cisco 5508 7.4.110

i have used the same pem file in few other controllers and it worked fine, do we have a limitation of one certificate can be used for WLC from the same region.

I have used the same certificate for a WLC in US and now i am trying in Singapore.

The pem file was shared to me by customer and i dont have any passowrd for it with me , is that creating an issue here?

Hall of Fame Super Silver

Error installing certificate with Cisco 5508 7.4.110

A password is required in order to upload the certificate properly.  Without the password, it will fail.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***
New Member

Error installing certificate with Cisco 5508 7.4.110

ok, there was no password which was shared, btw how to stop debug in a WLC

Hall of Fame Super Silver

Error installing certificate with Cisco 5508 7.4.110

undebug all

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***
New Member

Error installing certificate with Cisco 5508 7.4.110

there is no such command. i issued debug disable-all

Also can i use a Cisco switch as TFTP server for this transfer?

Hall of Fame Super Silver

Re: Error installing certificate with Cisco 5508 7.4.110

You can use any tftp server.  There are many free ones you can just load on your machine.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***
Hall of Fame Super Silver

Error installing certificate with Cisco 5508 7.4.110

The certificate has a FQDN and only should or can be used on th esame domain since you need DNS to resovle the FQDN to the VIP.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***
New Member

Error installing certificate with Cisco 5508 7.4.110

can u be more specific or elaborate please

Hall of Fame Super Silver

Error installing certificate with Cisco 5508 7.4.110

What I mean is that you can't take another customers certificate and load it onto another customers WLC.  The certificate is assigned to a FQDN (Fully Qualified Domain Name)  whcih will be a DNS entry for the customer who it was registered to, so you can't and shouldn't use it for any other client.  You need to generate one certificate per client.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***
New Member

Error installing certificate with Cisco 5508 7.4.110

no i am using the same customer certificate.

Do you know how to perform tftp transfer from switch

i have configred it with tftp server command and put ios in to the bootflash:

New Member

Error installing certificate with Cisco 5508 7.4.110

The issue is resolved i was using a wrong Chain-in password while uploading the file to controller.

847
Views
0
Helpful
13
Replies
CreatePlease to create content