Cisco Community
English
Register
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Community Helping Community

10801
Views
10
Helpful
6
Replies
Highlighted
mmartinez
mmartinez Beginner
Beginner
‎03-12-2009 11:57 AM
‎03-12-2009 11:57 AM

Issue installing a SSL certificate on WLC

I have a certificate obtained from verisign for logging in a wireless campus network, and I'm installing it via TFTP to the WLC. At the end of the transference appear the next message

"TFTP WPS Signature file transfer starting.

TFTP receive complete... updating WPS signatures.

Error in signature file. Please check message log"

In WLC log files apears the next issues:

Thu Mar 12 15:39:55 2009 [ERROR] sig.c 758: ERROR reading revision number from new signature file

Thu Mar 12 15:39:55 2009 [ERROR] sig.c 531: ERROR parsing revision number

Thu Mar 12 15:39:55 2009 [ERROR] sig.c 459: ERROR: No value specified for token Bag Attributes

But I don't know what excactly that means, and how can I fix it.

For doing this work I followed a Cisco Guide for this approach, using the OpenSSL program.

0 Helpful
Reply
6 REPLIES 6
didyap
didyap Frequent Contributor
Frequent Contributor
‎03-18-2009 09:41 AM
‎03-18-2009 09:41 AM

Re: Issue installing a SSL certificate on WLC

To configures SSL certificates, use the config certificate command.

config certificate {generate {webadmin | webauth} | compatibility {on | off}}

Where generate {webadmin | webauth} Generates a new web administration certificate or a a new web authentication certificate.

compatibility {on | off} Enables or disables compatibility mode for inter-Cisco Wireless LAN controller ipsec

0 Helpful
Reply
mmartinez
mmartinez Beginner
Beginner
‎03-20-2009 06:52 AM
‎03-20-2009 06:52 AM

Re: Issue installing a SSL certificate on WLC

I fixed the last issue, but now the certificate is already in the WLC but is not installed, the log file says:

Fri Mar 20 10:33:11 2009 [ERROR] sig.c 758: ERROR reading revision number from new signature file

Fri Mar 20 10:33:11 2009 [ERROR] sig.c 531: ERROR parsing revision number

Fri Mar 20 10:33:11 2009 [ERROR] sig.c 459: ERROR: No value specified for token

The compatibility is on. The file is .crt for testing i've changed for .cer and .pem but any of them has been successful

0 Helpful
Reply
mmartinez
mmartinez Beginner
Beginner
‎03-20-2009 07:04 AM
‎03-20-2009 07:04 AM

Re: Issue installing a SSL certificate on WLC

In addition appears this lines, I think this is the real problem

Fri Mar 20 10:57:51 2009 [ERROR] updcode.c 777: 1 returned from ssh add function

Fri Mar 20 10:57:51 2009 [ERROR] sshpmcert.c 4257: unable to extract private key for webauth cert

Fri Mar 20 10:57:51 2009 [ERROR] sshpmcert.c 3750: SSHPM: failed to decode private key

0 Helpful
Reply
jesav
jesav Beginner
Beginner
‎10-28-2010 01:04 PM
‎10-28-2010 01:04 PM

Re: Issue installing a SSL certificate on WLC

No news?

We have the same issue here : unable to extract private key...

Thanks,

0 Helpful
Reply
Nicolas Darchis
Nicolas Darchis Cisco Employee
Cisco Employee
‎10-28-2010 11:09 PM
‎10-28-2010 11:09 PM

Re: Issue installing a SSL certificate on WLC

This either a wrong key you entered when importing the certificate or a malformed certificate.

I fixed this once with OpenSSL by exporting the pem certificate back to pkcs12 format and then again to pem, regenerating the key shared secret and it worked.

If having trouble with that, I'd suggest opening a TAC case to get help.

Nicolas

===

Please rate answers that you find useful

0 Helpful
Reply
Scott Fella
Hall of Fame Master Scott Fella Hall of Fame Master
Hall of Fame Master
‎10-29-2010 05:33 AM
‎10-29-2010 05:33 AM

Re: Issue installing a SSL certificate on WLC

Make sure you don't use OpenSSL v1.0.  Use v9.8o light... v1.0 will give you that error you are seeing.

http://www.slproweb.com/products/Win32OpenSSL.html

-Scott
*** Please rate helpful posts ***
Reply
Latest Contents
Access Point 1832I can't open GUI
Created by a6z69@yahoo.com on 12-10-2019 03:17 AM
0
0
0
0
Dear All,             We trying to configure new access point cisco 1832I but can't login Gui and from controller can't pass voice vlan and data vlan from Groups.     &nb... view more
Community Live video- Understanding How Multicast Works with...
Created by hiarteag on 11-21-2019 08:10 PM
0
0
0
0
Community Live video- Understanding How Multicast Works with Cisco Wireless LAN Controllers (Live event - formerly known as Webcast-  Tuesday November 19, 2019 at 9 am Pacific/ 12 pm Eastern / 6 pm Paris) This event had place on Tuesday 19th, Novembe... view more
WLCCA v 4.4.15
Created by Javier Contreras on 11-21-2019 07:44 AM
0
0
0
0
New Version for the Wireless Lan Config Analyzer: v.4.4.15 November 2019   Supports AireOS up to 8.8, any model.   Fixes:   Error parsing AP list with location with spaces Shows AP with no RF information in RF stats, instead of dire... view more
Community Live slides- Understanding How Multicast Works wit...
Created by ciscomoderator on 11-19-2019 08:16 AM
0
0
0
0
Community Live slides- Understanding How Multicast Works with Cisco Wireless LAN Controllers (Live event - formerly known as Webcast-  Tuesday November 19, 2019 at 9 am Pacific/ 12 pm Eastern / 6 pm Paris) This event had place on Tuesday 19th, Novemb... view more
Ask Me Anything event- Understanding How Multicast Works wit...
Created by ciscomoderator on 11-19-2019 08:12 AM
0
0
0
0
To   participate   in this event, please use the   button   to ask your questions This topic is a chance to discuss more about the foundation to understand how multicast works when using Cisco Wireles... view more
CreatePlease to create content
Discussion
Blog
Document
Video
Content for Community-Ad

August's Community Spotlight Awards