Solved: SHA2 certificates and WebAuth with 7.4 code

g.peart · ‎07-08-2013

Hi All,

are SHA2 certificates supported on the 2504 and 5508, the reason is that I am doing WebAuth and the Certificate

I got from GoDaddy was an SHA1 signed by a Root CA (GO Daddy Class 2 Certification Authority Root Certificate) that

is not in the cert root store on the Android phones I am using, these phones only have the GO Daddy Root Certificate Authority - G2,

root cert in their certificate store, which only signs certificates as SHA2.

So if I get the certificate reissued will it be accepted by controller

TIA

Scott Fella · ‎07-09-2013

So the issue was how you initially generated the certificate, or you were just asking but didn't initially try it?

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

Scott Fella · ‎07-08-2013

I don't believe so. Sha1 as far as I know is the only type supported.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

g.peart · ‎07-09-2013

I got the certifcate re-keyed with SHA2, it uploaded fine to controller

and problems went away, So it looks like SHA2 works on WLC2504 with 7.4.100.0

Scott Fella · ‎07-09-2013

So the issue was how you initially generated the certificate, or you were just asking but didn't initially try it?

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

g.peart · ‎07-11-2013

I had read SHA2 wasn't supported on WLC so had it signed has SHA1, but Go Daddy SHA1 root wasn't in CTL of phone.