topic Re: How Make the Web Auth Certificate Warning Go Away in Wireless

How Make the Web Auth Certificate Warning Go Away

Abdulkader Naji — Mon, 05 Jul 2021 15:46:50 GMT

The issue is with wireless controller Mobility Express version 8.2.166 which is configured for guest WLAN.

the issue happen user need to access to cisco page of local web authentication page the browser is not trusting the certificate from the virtual IP of WLAN controller.

How to make the guest users access to web authentication page directly without the SSL connection.

Re: How Make the Web Auth Certificate Warning Go Away

Scott Fella — Sun, 24 Jun 2018 12:38:07 GMT

You need to disable https in order to have guest portal use http. However, I believe this will also disable https/ssh for management.

Re: How Make the Web Auth Certificate Warning Go Away

Abdulkader Naji — Sun, 24 Jun 2018 12:43:26 GMT

I just open TAC case I got this below reply

Problem Description:

WLC: 2800s ME

SW: 8.2.166.0

You would like to avoid the security warning shown when using gust network.

When using the CLI of the ME, you can use the same commands used on the normal WLC, so you can simply follow the link below, which provides a step by step procedure to do that:

https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/109597-csr-chained-certificates-wlc-00.html#anc7

https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/109597-csr-chained-certificates-wlc-00.html#anc14

I will try and revert back if it will work in my scenario

Re: How Make the Web Auth Certificate Warning Go Away

Scott Fella — Sun, 24 Jun 2018 12:47:07 GMT

Correct... installing a trusted cert is the preferred way. Make sure that you can setup a DNS entry for the VIP in order for this to work.

Re: How Make the Web Auth Certificate Warning Go Away

Abdulkader Naji — Sun, 24 Jun 2018 13:06:16 GMT

as TAC suggested

The easiest one is to use HTTP redirect instead of HTTPs, but our suggestion to use a certificate was to get rid of that error without the need to manually choose HTTP.

Re: How Make the Web Auth Certificate Warning Go Away

Prkalavadia — Fri, 17 Jan 2020 11:18:33 GMT

Hi there,

Please can you advise me in same,

I believe we can use restart command on WLC 5520 to activate Web-authentication cert installed on WLC.

I am having two 5520 WLC in HA cluster, By giving command "Restart on self", will there be any down time for users connected to WiFi?

is there any other way to activate Web-authentication cert installed on WLC without down time for users connected to WiFi?

Thanks,

Re: How Make the Web Auth Certificate Warning Go Away

Scott Fella — Fri, 17 Jan 2020 12:21:21 GMT

If you have SSO enabled, you can make your change on the primary, save the config and then issue a force failover. This way the active will restart and the secondary will become active. You can then configure the new active, save that config and wait until both units are up and synced before you issue another force failover. There will be no downtime as long as you restart one at a time. The primary is first because certificates are not synced in SSO.

Re: How Make the Web Auth Certificate Warning Go Away

Prkalavadia — Fri, 14 Feb 2020 08:38:55 GMT

Hi Scott,
As per your advise, I restarted Primary which failed over to secondary and after sometime I restarted Secondary so Again Primary became Active.
During this time I continues pinged to VIP, Zero packet drop , No down time,
And Uploaded WebAuth Certificate is active now.
Many thanks for your advise.
Punit

Re: How Make the Web Auth Certificate Warning Go Away

Scott Fella — Fri, 14 Feb 2020 10:18:16 GMT

Glad that worked for you!

Re: How Make the Web Auth Certificate Warning Go Away

iores — Sat, 12 Nov 2022 21:34:05 GMT

Why it is necessary to setup a DNS entry? Would it work without this?