Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
492
Views
0
Helpful
3
Replies

Same WebAuth cert for all WLCs 1.1.1.1???

Go to solution
mscherting
Level 1
Level 1

‎03-26-2012 03:21 PM - edited ‎07-03-2021 09:52 PM

It's fuzzy, but I seem to recall reading somewhere that I can use the same public CA cert on all WLCs for guest WebAuth, assuming the following:

All WLCs virtual IPs are 1.1.1.1

FQDN abc.mycompany.com resolves to 1.1.1.1 in my DNS provided to guests by DHCP

CN in public cert=abc.mycompany.com

Can I use the same public CA cert on all WLCs for guest WebAuth?

Do I have to chain imtermediate and/or WLC specific certs onto each WLC as well?

Thanks!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Stephen Rodriguez
Cisco Employee
Cisco Employee

‎03-26-2012 03:27 PM

Yes, so long as the Virtual interface matches, both the IP and the dns name, you can use the same certificate across all the WLC in your network.

Steve

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Stephen Rodriguez
Cisco Employee
Cisco Employee

‎03-26-2012 03:27 PM

Yes, so long as the Virtual interface matches, both the IP and the dns name, you can use the same certificate across all the WLC in your network.

Steve

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
0 Helpful

Go to solution
George Stefanick
VIP Alumni
VIP Alumni
In response to Stephen Rodriguez

‎03-26-2012 03:33 PM

Yup, just cant use them for HTTPS logon into the controllers. But as Steve points out, you can reuse that cert on all the WLCs so long as it pointing to the right VIP on the WLC and its resolving on the DNS.

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful

Go to solution
mscherting
Level 1
Level 1

‎03-26-2012 03:44 PM

Thanks to Stephen & George!

Some day I'll get internal certs for web admin of the WLCs.  Right now I need to by-pass NAC/Guest Server to provide instant Internet gratification. 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card