cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Installing a 3rd Party SSL Certificate for Guest Access - Presentation - Part 1/2

10943
Views
30
Helpful
10
Comments
10 Comments
Andrew Betz
Cisco Employee

Hi, I am having a problem with OpenSSL 0.9.8 (link which you provided above). First it was asking for openssl.cnf file but I was able to work out this issue. Now it freezes up and throws an error in eventvwr right after I put challenge password during CSR creation:

Faulting application openssl.exe, version 0.0.0.0, faulting module msvcrt.dll

Any help would be truly appreciated. Thanks! Kris

Andrew Betz
Cisco Employee

Hi Kris,

Looks like this one is a more general error that can occur on many Windows-based applications:

http://www.google.com/#q="version+0.0.0.0%2C+faulting+module+msvcrt.dll"

Here's an alternative OpenSSL port that may prove successful:

http://www.slproweb.com/products/Win32OpenSSL.html

Hope this helps!

Best,

Drew

Vinay Sharma
Rising star

thanks Andrew for sharing this useful information. Hope to see more in future :-).

Vinay

edondurguti
Enthusiast

Thanks for the Video,

Can I use the same CERT for WLC and for ISE ?

darin.marais
Enthusiast

hello Drew / can we use a wildcard third party certificate on the WLC 7.4 as oppose to a specific?

Andrew Betz
Cisco Employee

Hi Darin--

Absolutely, just make sure that you have the key file which was originally created with the wildcard (and, of course, all of the certs in the chain).

Drew

darin.marais
Enthusiast

hello again Drew,

Thank you for your reply and for your video.

This morning I have test the wildcard certificate and I am pleased to report that I have successfully imported the cert :).

The one thing to remember as you have pointed out in your video is to use openSSL 0.9.8.

I have used "OpenSSL 0.9.8y 5 Feb 2013"

ryan_genuino
Beginner

Hi Andrew,

Thank you for the information in your videos. Quick question. We have a customer who wishes to use wildcard certificate instead of specific certificates in their WLC since it's also expiring. I already have the 3rd party certificate signed by a CA. You mentioned that I need the key file that was originally created with the wildcard,  correct me if I'm wrong but are you referring to the private key that was generated along with the wildcard? How can I know if that key is the private key that goes originally with the wildcard? Also when you say all certs in the chain is the wildcard certificate given by the 3rd party CA itself composed of all the certs in the chain? (device, intermediate and root). I'm a little confused because I jwas just given the SSL certificate and told to load that certificate in the WLC. I don't have the private key and other pertinent details. 

Ryan

rafafilho11
Beginner

My certificate comes to me with the Device, intermediate and Root certificate, so I don't need to use open SSL to change anything, just "upload" it to the controller. Am I right ?

 

Inside a .pem file, how can I identify the components ?

Device Certificate
Intermediate Certificate
Root Certificate

Content for Community-Ad

This widget could not be displayed.