
4400 Series Wireless Lan Controller Public SSL Certificate

royston.boot
Level 1

Hi,

Rolling out some LWAPs controlled by a 4402 WLC switch. The on-line help/docs say you can install a public SSL cert (for example from Verisign) for Web based user authentication but there is no Certificate Signing Request (CSR) capability that I can find. Have tried generating an SSL cert using openssl, but the 4402 won't load it via tftp. I am sure I need to create the CSR on the box itself, having created a private key first. Anyone done this? Don't want to install internal CA trusted root certs beforehand and network is being used by guests. I will not encourage people to accept SSL certs that don't match a trusted root cert - very bad practice in my view. Appreciate any help. Royston.

4 Replies

s.jankowski
Level 4

To load an externally generated certificate follow the procedure available at

http://www.cisco.com/en/US/products/ps6366/products_configuration_guide_chapter09186a008052d8ef.html#wp1101169

If you are not able to load the certificate using the TFTP server, then the issue must be specific to the TFTP server. Try using a different TFTP server. Try using the Tftpd32 TFTP server.

Frank
Level 1

I have the same question. Where do you generate the CSR?

Did you ever figure this out?

Try to look at this doc. Also VeriSign will not support Root certificates after September of this year, so all certs will be chained and will not work. Look into RapidSSL or other cert providers, but you must make sure it is a root CA certificate.

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00806e367a.shtml

-Scott
*** Please rate helpful posts ***

BRYN JONES
Level 1

Hi

We had issues with chained certificates and after pressing Cisco got the following response:

'just had confirmation from the Business Unit that the Chained Certs feature did make the 5.1 release, it's just not been documented in the release notes.

These are now being updated, but FYI

5.1 for Web-Auth

5.1 MR1 (Maintenance Release 1) for 802.1X'

Seems that 5.1 WiSM s/w does do chained certs, they just forgot to tell us!
