Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

WLC 5760, Public portal Certificate issues, Webauth

 

 

I am setting up a public portal on WLC 5760. I have my certificate installed and I am not finding how to make my cert tie into the portal for the public SSID I have set.  It keeps using the self signed IOS cert and not my DIGICERT cert I have in. Yes I have rebooted smiley. I'm sure I am missing 1 or 2 lines of code that make this work. Thanks for you help in advance. I also used the cisco documentation to build the trustpoints.

 

I am running

03.03.02SE RELEASE SOFTWARE (fc2)

Trustpoint trustp1:
    Subject Name:
    cn=bcwifi.*********
    o=*******
    l=*****
    st=*****
    c=******
          Serial Number (hex): **********
    Certificate configured.


Trustpoint digicert:
    Subject Name:
    cn=DigiCert High Assurance CA-3
    ou=www.digicert.com
    o=DigiCert Inc
    c=US
          Serial Number (hex): **********
    Certificate configured.


Trustpoint TP-self-signed-2492061061:
    Subject Name:
    cn=IOS-Self-Signed-Certificate-********
          Serial Number (hex): 01
    Persistent self-signed certificate trust point


Trustpoint CISCO_IDEVID_SUDI:
    Subject Name:
    cn=Cisco Manufacturing CA
    o=Cisco Systems
          Serial Number (hex): *****
    Certificate configured.


Trustpoint CISCO_IDEVID_SUDI0:
    Subject Name:
    cn=Cisco Root CA 2048
    o=Cisco Systems
          Serial Number (hex): 5*******
    Certificate configured.


BCWLC01#

 

 

BCWLC01#sh crypto pki certificates
CA Certificate
  Status: Available
  Certificate Serial Number (hex): 5***************
  Certificate Usage: Signature
  Issuer:
    cn=Cisco Root CA 2048
    o=Cisco Systems
  Subject:
    cn=Cisco Root CA 2048
    o=Cisco Systems
  Validity Date:
    start date: 13:17:12 mst May 14 2004
    end   date: 13:25:42 mst May 14 2029
  Associated Trustpoints: CISCO_IDEVID_SUDI0

Certificate
  Status: Available
  Certificate Serial Number (hex): ***************
  Certificate Usage: General Purpose
  Issuer:
    cn=Cisco Manufacturing CA
    o=Cisco Systems
  Subject:
    Name: AIR-CT5760-6C9989EE2000
    Serial Number: PID:AIR-CT5760 SN:*************
    cn=AIR-CT5760-6C9989EE2000
    serialNumber=PID:AIR-CT5760 SN:**************
  CRL Distribution Points:
    http://www.cisco.com/security/pki/crl/cmca.crl
  Validity Date:
    start date: 05:13:07 mst Dec 26 2013
    end   date: 05:23:07 mst Dec 26 2023
  Associated Trustpoints: CISCO_IDEVID_SUDI

CA Certificate
  Status: Available
  Certificate Serial Number (hex): ************
  Certificate Usage: Signature
  Issuer:
    cn=Cisco Root CA 2048
    o=Cisco Systems
  Subject:
    cn=Cisco Manufacturing CA
    o=Cisco Systems
  CRL Distribution Points:
    http://www.cisco.com/security/pki/crl/crca2048.crl
  Validity Date:
    start date: 15:16:01 mst Jun 10 2005
    end   date: 13:25:42 mst May 14 2029
  Associated Trustpoints: CISCO_IDEVID_SUDI

Router Self-Signed Certificate
  Status: Available
  Certificate Serial Number (hex): 01
  Certificate Usage: General Purpose
  Issuer:
    cn=IOS-Self-Signed-Certificate-***************
  Subject:
    Name: IOS-Self-Signed-Certificate-************
    cn=IOS-Self-Signed-Certificate-************
  Validity Date:
    start date: 14:33:15 mst Mar 28 2014
    end   date: 17:00:00 mst Dec 31 2019
  Associated Trustpoints: TP-self-signed-********
  Storage: nvram:IOS-Self-Sig#1.cer

CA Certificate
  Status: Available
  Certificate Serial Number (hex): ************
  Certificate Usage: Signature
  Issuer:
    cn=DigiCert High Assurance EV Root CA
    ou=www.digicert.com
    o=DigiCert Inc
    c=US
  Subject:
    cn=DigiCert High Assurance CA-3
    ou=www.digicert.com
    o=DigiCert Inc
    c=US
  CRL Distribution Points:
    http://crl3.digicert.com/DigiCertHighAssuranceEVRootCA.crl
    http://crl4.digicert.com/DigiCertHighAssuranceEVRootCA.crl
  Validity Date:
    start date: 05:00:00 mst Apr 2 2008
    end   date: 17:00:00 mst Apr 2 2022
  Associated Trustpoints: digicert
  Storage: nvram:DigiCertHigh#3F3BCA.cer

CA Certificate
  Status: Available
  Certificate Serial Number (hex): **************
  Certificate Usage: General Purpose
  Issuer:
    cn=DigiCert High Assurance CA-3
    ou=www.digicert.com
    o=DigiCert Inc
    c=US
  Subject:
    cn=bcwifi*******
    o=******
    l=B*****
    st=*****
    c=*******
  CRL Distribution Points:
    http://crl3.digicert.com/ca3-g27.crl
    http://crl4.digicert.com/ca3-g27.crl
  Validity Date:
    start date: 17:00:00 mst Aug 31 2011
    end   date: 05:00:00 mst Nov 26 2014
  Associated Trustpoints: trustp1
  Storage: nvram:DigiCertHigh#1D41CA.cer


BCWLC01#

1 REPLY
Hall of Fame Super Gold

Duplicate posts.   Go here:

Duplicate posts.  

 

Go here:  http://supportforums.cisco.com/discussion/12159641/wlc-5760-public-portal-certificate-issues-webauth

1919
Views
0
Helpful
1
Replies