09-25-2017 09:11 AM - edited 07-05-2021 07:41 AM
Hi, please give your input to a problem I have just created myself.
I have a Cisco 5520 WLC and it is running just fine. At this moment there are only three APs, but the company wants to extend the wireless network, including guest access. I was testing configurations and created a nice working FlexConnect solution. The only thing that was bothering me was the self-signed certificate on the WebAuth login page.
So I went to the "Security" menu, chose "Certificates, entered all the information for a "CSR WebAuth" certificate, clicked "Generate" and rebooted the controller.
Now I cannot access the web GUI with https any longer. I enabled http web access on the CLI, so I can still reach the web GUI, but I cannot leave this enabled for long. What was my mistake and how do I fix it?
I will answer any question after 9 am CEST tomorrow. Thank you.
Solved! Go to Solution.
09-26-2017 06:43 AM
I did some regeneration as Flavio had suggested, but that had no effect. But I must have done it wrong. Because in the end that was exactly what I had to do.
So, if you lose access to the https web GUI, enable http web GUI on the CLI with:
config network webmode enable
Then access the web GUI, go to "Management"and then "HTTP-HTTPS". Press "Delete certificate" and then "Regenerate certificate". Go to the "Commands" page, select "Reboot" and press "Save and reboot". Four minutes later you can access the https web GUI again, and even the WebAuth login page works again.
And btw, you can download and execute openssl without installation, but I didn't need it (yet).
Thanks again to Flavio!
09-25-2017 12:23 PM - edited 09-25-2017 03:56 PM
Hi,
Have you tried to regenerate?
'config certificate generate webauth'
09-25-2017 11:46 PM
Thank you, the regeneration doesn't solve the problem. I am seeing the solution in the links you provided in your mail, they were very helpful.
I did not create a certificate, only a Certificate Signing Request, so now I don't have a certificate at all, only a pending request. Since I am not allowed to install software, I'll have to wait for the windows admin to come to the office, and he should be able to help me with either installing openssl or importing a company certificate.
09-26-2017 06:43 AM
I did some regeneration as Flavio had suggested, but that had no effect. But I must have done it wrong. Because in the end that was exactly what I had to do.
So, if you lose access to the https web GUI, enable http web GUI on the CLI with:
config network webmode enable
Then access the web GUI, go to "Management"and then "HTTP-HTTPS". Press "Delete certificate" and then "Regenerate certificate". Go to the "Commands" page, select "Reboot" and press "Save and reboot". Four minutes later you can access the https web GUI again, and even the WebAuth login page works again.
And btw, you can download and execute openssl without installation, but I didn't need it (yet).
Thanks again to Flavio!
01-18-2021 07:04 AM
Thank you so much. This worked for me
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide