cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1703
Views
10
Helpful
3
Replies

Need help adding certificate to WAP321

Chris Winne
Level 1
Level 1

Good evening,

I recently bought the WAP321 access point. I've got it all set up for wireless, but am trying to import a certificate for the HTTPS interface. So far, I've tried the following:

1. I created a new certificate template on my Windows Server 2008 R2 root CA

2. I've created a request on the CA to create the certificate, and downloaded it in .cer format

3. I've used openssl to convert the certficate to .pem format, as the device manual specified that it needed to be in .pem format

4. I've attempted to upload this certificate in the HTTP/HTTPS Settings for the device

Upload fails each time. I've tried with 512, 1024, and 2048 bit certificates, but still have the same problem each time. I've looked around, but can't find documentation for anything more that the basic user guide.

Has anyone successfully added a certificate to their WAP321? Or does anyone have any ideas on what I'm missing?

Thank you in advance!

3 Replies 3

Tom Watts
VIP Alumni
VIP Alumni

Hi Chris,

Does your AP have a static IP address? The common name needs to match the IP otherwise it won't work.

Additionally, can you generate the SSL certificate from the AP, make your browser accept it and verify the certificate status on the AP?

-Tom

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

Hello

same here - how can we apply 3-party signed (we usually use wildcard certifictes from verysign like *.example.org) SSL certificates to our WAP321?

There is no  option to upload PKCS#12 private/public key/cert containers. There is  also no option to generate SSL certificate requests on the device  itself. Can somebody advice us, how to apply 3-party signed certificates to  the APs? Especially when the Capitive Portal (Guest Access for our  Clients) is used, providing trusted SSL cert is essential. And no, we do not use IPs but DNS names.

-Raphael

PS: by the way - in the new firmware (1.0.1.10) access via SSH seems to be gone? why is this the case?!?

I found a way to upload the certificate, actually only by chance. It's the same format as for HP ProCurve switches.

You need to upload the certificate and the private key in one file in PEM format. 

To combine them simply:

cat private.key wap-cert.cert > cert-with-key.pem

 

Although quite late, but I hope it will help somebody else googleing the same problem.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: