We are using the internal customized web frontend. We do have a VeriSign cert (.pem) loaded pointing to our virtual interface. For the most part this works in IE but only if you do the custom updates and get the Certificate updates. We are getting users that are using Safari and Firefox that always get the cert warning (Unless they accept it permanently). Is there any way to get this to work properly across the board?
I did read that the WLCs do not accept chain certs. Is Cisco making any plans to do so in the future?
We did our upgrade yesterday. All went weel for the most part. This did not resolve the Certificate issue (not that I was assuming that it would). Hopefully it really fixed the bugs that we were having in the 4.2.61 code. If anyone has any other ideas or how I could get a "root" certificate I would be glad to listen.
RapidSSL issues Root CA certificates. I used them on all my installs where I need a 3rd party certificate for WebAuth. Just make sure you get a 3 or 5 year certificate, so you don't have to worry about it for a while.