Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4707
Views
0
Helpful
2
Replies

Web Auth with wild card Certificate?

wuyuke1982
Level 1
Level 1

‎01-18-2011 04:54 AM - edited ‎07-03-2021 07:41 PM

Hi guys

I have a customer, who wish to use his company's own cert for the web auth.

his company buy a wild card cert from a well known third party CA.

for example, the company name is ABC.com. the command name for the wild card cert is *.ABC.com.

we have tried to generate a cert for the WLC, add dns entry (wifi.ABC.com) to the web auth virtual ip address.

when upload the cert, we always get error messages, it says "private key decode failed"," key extraction failed".

the compay's own IT guy told me he have already generated a few certs from the wild card cert for their in house servers,

which works right away. but somehow, it is not working for WLC web auth.

I have looked through this forum for any post related to web auth cert, it seems like none of them is similar

to my case.

my question is

1. could we use the wild card cert to generate the cert needed by the WLC web auth? or they need to buy seperate

cert for the web auth? following the step by step of this link?

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00806e367a.shtml

2. if wild card cert is fine, what is the correct way to make it work?

thanks

2 people had this problem
Labels:
0 Helpful
2 Replies 2

Stephen Rodriguez
Cisco Employee
Cisco Employee

‎01-18-2011 06:30 AM

Yes, you can use a wildcard cert for guest access on the WLC.  Since you already have the certificate, you need to follow from step 6 in the Generate CSR section.  So long as the site has the password file used when they generated the original wildcard request, you just need to bundle that with the cert and use the proper passwords.

  In my experience, most times this is failing is due to a password being typed incorrectly.

Cheers,
Steve

--

If  this helps you and/or answers your question please mark the question as "answered" and/or rate it, so other users can easily find it.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
0 Helpful

George Stefanick
VIP Alumni
VIP Alumni

‎01-18-2011 11:49 AM

Yuke,

here is a step by step that I just did on a 3rd party cert creation. This could be helpful for you ...

http://www.my80211.com/home/2011/1/16/wlcgenerate-third-party-web-authentication-certificate-for-a.html

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card