AT a client site we have a 4402 running and have recently upgraded to 6.0. After upgrading when users connect to the guest network and open a web browser to be redirected to the login page they get the certificate error page in internet explorer then after clicking continue, they get the login page. Has anyone seen why the certificate errors occurs on the guest network?
Solved! Go to Solution.
Thanks for your reply. The issue is that the certificate error is occuring on the Web Authentication page for the Guest Wireless Network not for the login page for the actual controller. So a guest connects to the wireless entwork and opens a web browser and then instead of the weblogin page they get the certificate error page.
If the user accepts the certificate does it take them to the login page? If so this is
To keep the https wlc login capability I would suggest using the openssl cert
Below shows how to install an open ssl cert and also the guest access deployment guide
I agree that normal functionality of the controller is that you see the certificate error and click to accept and continue when logging in to the web interface. We are seeing this when logging opening a web browser as a guest and getting the guest user web authentication screen, which I have not seen happen on any controller I have worked on previously. See attachments.
Unless you have installed a 3rd party certificate, you will always get certificate error because the built-in Cisco certificate is not a trusted certificate in Windows or MAC's. Now if you did have a 3rd party certificate installed, maybe the upgrade corrupted the cert or returned the certificate back to default Cisco. Look at the certificate in the WLC and see what certificate is being used.
I actually spoke with Cisco about this and previous versions of the controller software did not require a third-party certificate for the Web Authentication Page for a Guest network, hoever starting with 4.2.X they are now using SSL Version 3 so there is no way around it, other than purchasing a certificate or turning off the Secure Web piece.
Thanks for your responses.
So your client was on a 3.x code and you upgraded to a 6.x? Its been a while since I touched 3.x, but maybe they didn't do secure web back then. I know that they generate their own certificate still so that would still generate an error prior to getting the web-auth page. Oh well... you have it under control.