04-23-2014 06:51 PM - edited 03-03-2019 07:22 AM
I am trying to setup 802.1x authentication in my network. I have a 5508 WLC and am using Microsoft NPS as my Radius server. I would like to be able to use a splash page after a PEAP authentication to show our Acceptable Use Policy, but I can't get it to work. I am now trying to get layer 3 web authentication to work, but I can't get my certificate to install on the controller. I have compiled my unchained certificate according to cisco.com's procedure, but installation fails every time. Any help would be great.
04-23-2014 11:09 PM
Hi,
Please refer below link to install certificate on controller :
http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/70584-csr-wlc-00.html
04-24-2014 01:29 PM
Vinodjad,
I followed the tutorial that you posted and just as before I am running into the same problem. I thought that it might have something to do with openssl and the common name configuration at the beginning of the tutorial, but I believe I have followed those steps correctly. I suppose it could have something to do with Microsoft CA.
Any ideas?
Thanks,
(Cisco Controller) >debug pm pki enable
(Cisco Controller) >transfer download start
Mode............................................. TFTP
Data Type........................................ Site Cert
TFTP Server IP................................... omitted
TFTP Packet Timeout.............................. 6
TFTP Max Retries................................. 10
TFTP Path........................................ /
TFTP Filename.................................... wlc-final3.pem
This may take some time.
Are you sure you want to start? (y/N) y
TFTP Webauth cert transfer starting.
TFTP receive complete... Installing Certificate.
*TransferTask: Apr 24 14:07:11.971: sshpmCheckWebauthCert: Verification return code: 0
*TransferTask: Apr 24 14:07:11.971: Verification result text: unable to get local issuer certificate
*TransferTask: Apr 24 14:07:11.971: Error at 0 depth: unable to get local issuer certificate
*TransferTask: Apr 24 14:07:11.977: sshpmAddWebauthCert: Error decoding certificate, Deleting it.
Error installing certificate.
(Cisco Controller) >debug pm pki disable
(Cisco Controller) >debug transfer all enable
(Cisco Controller) >transfer download start
Mode............................................. TFTP
Data Type........................................ Site Cert
TFTP Server IP................................... omitted
TFTP Packet Timeout.............................. 6
TFTP Max Retries................................. 10
TFTP Path........................................ /
TFTP Filename.................................... wlc-final3.pem
This may take some time.
Are you sure you want to start? (y/N) y
*sshpmLscTask: Apr 24 14:07:50.361: sshpmLscTask: LSC Task received a message 4
*TransferTask: Apr 24 14:08:31.723: Memory overcommit policy changed from 0 to 1
*TransferTask: Apr 24 14:08:31.723: RESULT_STRING: TFTP Webauth cert transfer starting.
*TransferTask: Apr 24 14:08:31.723: RESULT_CODE:1
TFTP Webauth cert transfer starting.
*TransferTask: Apr 24 14:08:35.725: Locking tftp semaphore, pHost=omitted pFilename=/wlc-final3.pem
*TransferTask: Apr 24 14:08:35.809: Semaphore locked, now unlocking, pHost=omitted pFilename=/wlc-final3.pem
*TransferTask: Apr 24 14:08:35.809: Semaphore successfully unlocked, pHost=omitted pFilename=/wlc-final3.pem
*TransferTask: Apr 24 14:08:35.837: TFTP: Binding to remote=omitted
*TransferTask: Apr 24 14:08:35.845: TFP End: 3032 bytes transferred (0 retransmitted packets)
*TransferTask: Apr 24 14:08:35.845: tftp rc=0, pHost=omitted pFilename=/wlc-final3.pem
pLocalFilename=cert.p12
*TransferTask: Apr 24 14:08:35.845: RESULT_STRING: TFTP receive complete... Installing Certificate.
*TransferTask: Apr 24 14:08:35.845: RESULT_CODE:13
TFTP receive complete... Installing Certificate.
*TransferTask: Apr 24 14:08:39.849: Adding cert (3008 bytes) with certificate key password.
*TransferTask: Apr 24 14:08:39.869: RESULT_STRING: Error installing certificate.
*TransferTask: Apr 24 14:08:39.869: RESULT_CODE:12
*TransferTask: Apr 24 14:08:39.869: Memory overcommit policy restored from 1 to 0
Error installing certificate.
(Cisco Controller) >
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: