Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Import a certificate for web auth on controller

I have a customer who says that the SSL Certificate warning that pops up for the web auth on the WLC is not acceptable. Is the controller capable of importing a certificate? Can the certificate have 1.1.1.1 as its CN?

reload in 25 years
5 REPLIES
Gold

Re: Import a certificate for web auth on controller

You sure can load a third party cert to the controller. Just make sure it is not a chained certificate since the controllers don't support them. Here's a document on how to get and install the certificate:

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00806e367a.shtml

Community Member

Re: Import a certificate for web auth on controller

Looks good. Is there any issue with using a public DNS and a virtual interface of 1.1.1.1 ?

reload in 25 years
Community Member

Re: Import a certificate for web auth on controller

I feel is a very good solution.
Only one question, does the OpenSSL aplication cost? Where can I get?

Thanks.

S.

Re: Import a certificate for web auth on controller

rchester,

    It's kinda funny I just went through this with a Client last week. So yes you can install an SSL certificate to resolve that inconvience, and you can use a Chained SSL Certificate (it's what I used) but you need to follow these directions.

http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080a77592.shtml

My client got their certificates from Verisign.

As for the OpenSSL application

http://gnuwin32.sourceforge.net/packages/openssl.htm

http://www.openssl.org/

those are the sites I used to get the openssl application..

Here is also a link to show you how to setup OpenSSL

http://www.dylanbeattie.net/docs/openssl_iis_ssl_howto.html

takes a bit to get it setup, but worked like a charm.  You can get a 14-day trial certificate from Versign to test and experiment with.

Also the CN can not be an IP Address, and as far as the 1.1.1.1 on public DNS mine is setup that way and works great...

Hope this helps, please feel free to rate this post.

Thanks,

Kayle

Community Member

Re: Import a certificate for web auth on controller

Kayle, you wrote:

> ... the 1.1.1.1 on public DNS mine is setup that way and works great...

I tried that too and got a lot of comment: 1.1.1.1 is a virtual address and hence cannot be linked to an 'owner'. Therefore this DNS entry request was refused, unless this DNS would be confined to our own organisation. Did you do it this way?

884
Views
0
Helpful
5
Replies
CreatePlease to create content