cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1400
Views
0
Helpful
6
Replies

Problem installing certificate .pem to WLC4404

Hi, im having several problems trying to upload my auth certificate to WLC. I tried upload to WLC but im having a error "ERROR INSTALLING CERTIFICATE" 

 

I have seen this link. Which it seems interesting to me but i cant access.. can someone tell me how to access here?????

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsy88149

 

thanks

6 Replies 6

This is the error

 

TFTP Webauth cert transfer starting.

 

TFTP receive complete... Installing Certificate.

*TransferTask: Jan 22 16:50:28.849: sshpmAddWebauthCert: Extracting private key from webauth cert and using bundled pkcs12 password.

 

*TransferTask: Jan 22 16:50:30.800: sshpmDecodePrivateKey: calling ssh_skb_decode()...

 

*TransferTask: Jan 22 16:50:32.716: sshpmDecodePrivateKey: SshPrivateKeyPtr after skb_decode: 0x31afbb70

 

*TransferTask: Jan 22 16:50:32.717: sshpmAddWebauthCert: got private key; extracting certificate...

 

*TransferTask: Jan 22 16:50:32.723: sshpmAddWebauthCert: extracted binary cert; doing x509 decode

 

*TransferTask: Jan 22 16:50:32.724: sshpmAddWebauthCert: doing x509 decode for 1319 byte certificate...

 

 

Error installing certificate.

 

Jesus:

Do you follow this steps:

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00806e367a.shtml

if you still with the problem contact me =)

Abhishek Abhishek
Cisco Employee
Cisco Employee

You can try using DER = The DER extension is used for binary DER encoded certificates. These files may also bear the CER or the CRT extension.  

Saurav Lodh
Level 7
Level 7

similar issues :

https://supportforums.cisco.com/discussion/10811806/upload-pem-file-wlc

sobhardw
Cisco Employee
Cisco Employee

Please refer to the below Community :

https://supportforums.cisco.com/discussion/10811806/upload-pem-file-wlc

mohanak
Cisco Employee
Cisco Employee
Chained certificate can not have Wildcard * character in hostname
CSCsy88149

Symptom:
Web-Auth client (user laptop) while trying to do web redirection receives the error " There is a problem with the website's security certificate", although redirection is successful and user is allowed access.


Conditions:
Wireless client doing Web Authentication using IE6, IE7 or Firefox web browser and the WLC using uploaded third party certificate having wildcard * in the Hostname.


Workaround:
Use of a Hostname in the certificate without the wildcard param *. eg. wifi.longueuil.ca instead of *.longueuil.ca

Further Problem Description:
Web Authentication for Internal Guest access on a Wireless LAN Controller running code 5.2.178.0. 3rd party certificate including a wildcard * in the Hostname uploaded it to the WLC. The WLC accepts the certificate without error. When a client running IE6, IE7 or Firefox connects to the Guest WLAN, it receives the error "There is a problem with the website's security certificate". If they choose to continue the web authentication works and the user is allowed access.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: