please what are the requirements for custom SSL certificates on WAP4410N? I have created SSL certificate (in PEM format) using my own CA with EJBCA soultion, but after pressing "Install certificate" button on "SSL Certificate Management" section (and confirming following java dialogbox) the http connection is just closed by WAP4410N using FIN/ACK packet without any certificate installation/reboot of device.
If I use my older SSL certificate (again in PEM format) created by openssl package with simple parameters (without Subject Alternative Name, with simplest Signature Algorithm and lot of other differences) the certificate will be installed succesfully. I have not found any "requirements" for those SSL certificates.
So the question is: what specific parameters are checked for compliancy which is causing that certificate installation will fail?
Reason for changing SSL certificate is to move with certificate to new corporate CA managed by EJBCA.
do you have the root CA certificate installed on the WAP also? (ejbca)
I would turn on syslog, see what messages are coming out. I know some of our older devices are limited to key length, and some providers are giving no less than 2k bit certs. If you can, try a shorter key length 1024 or 1536 possibly.
If you are under warranty, you can create a case, upload the logs, and we can check out what is going on, and if there is an easy solution.
Here's some more info on radius auth, and there's a cert install
maybe it looks like small misunderstanding. There is no problem with wireless enterprise authentication (yes, we use it, but it works fine without problems). I have problem with installing HTTP SSL Certificate into WAP4410N (section: Administration -> SSL Certificate Management).
> do you have the root CA certificate installed on the WAP also? (ejbca)
this was never needed even if we used old openssl certificates. all the time the certificate in PEM format (cert+key) was always enough.
> I would turn on syslog, see what messages are coming out.
there is no even one related syslog message even if I checked all possible message log types. Web browser just sends HTTP POST with new certificate as content and opposite site (AP) just sends back FIN/ACK response and connection is closed without any action.
> If you are under warranty, you can create a case, upload the logs, and we can check out what is going on, and if there is an easy solution.
We are using nine WAP4410N AP's, some of them are hopefully still in warranty. How can I create case? There is no specific contract needed in order to open case?
did you ever find a solution to this problem? I'm using StartSSL to generate my certificates, and my WAP371 have no problems accepting it. My WAP4410n however, just closes the connection without returning any data. I just upgraded to 188.8.131.52-K9 firmware, but the issue still persists.
EDIT: I just tried to export and then import the exported certificate, and that works. I don't quite understand why this feature is needed, as I suspect that this default certificate is included in firmware...?
Special thanks to Alex McDonald for sharing his favorite tip:My favorite
tip is the ‘write default’ command on autonomous wireless access points,
it simplifies manual conversion of a WAP with a static ip address to a
LAP with a DHCP address.This saved a l...
With the latest release of firmware for the WAP 561, 551, 371, 351 a new
feature was added that would allow customers to upgrade the firmware for
their clustered access points from the main access point.The basic steps
to accomplish this is:1) Download th...