Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
18070
Views
0
Helpful
9
Replies

TLS 1.2 on WLC GUI Management Interface

Go to solution
Ricardo Ramos
Level 1
Level 1

‎03-24-2016 03:43 PM - edited ‎07-05-2021 04:49 AM

Hello, I have a WLC 5508 with Software Version 8.0 and recently I installed a certificate for the Management Interface of the WLC. I can see that the connection used TLS 1.0, I want to change it to TLS 1.2. Anyone know how I can change to TLS 1.2?

I only found this document, but I think that I need to upgrade to version 8.2

http://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise/design-zone/ssl-tls-vulnerability-response.pdf

Thanks

2 people had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to Ricardo Ramos

‎03-28-2016 06:22 AM

I don't thing they were recommending v8.2, they were just stating what version it was fixed. The link you had is a good link to follow on what is a preferred code.  The only reason you would use another version is because of features you require or support for a new hardware. It's a trade off as to wanting features and having stability.

-Scott

*** Please rate helpful posts ***

-Scott
*** Please rate helpful posts ***

View solution in original post

0 Helpful
9 Replies 9

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎03-26-2016 07:30 PM

TLS 1.2 is not supported on AireOS 8.0.

Release 8.2 added that support as documented in the release notes here:

http://www.cisco.com/c/en/us/td/docs/wireless/controller/release/notes/crn82.html

0 Helpful

Go to solution
Ricardo Ramos
Level 1
Level 1
In response to Marvin Rhoads

‎03-27-2016 09:18 PM

Thanks Marvin, It's recommended to upgrade to AireOS 8.2? This version is stable? I found a link where Cisco TAC recommended 8.0.121.0. and 8.2 is only recommended for deployments that require new features or hardware support.

http://www.cisco.com/c/en/us/support/docs/wireless/wireless-lan-controller-software/200046-TAC-Recommended-AireOS.html

0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to Ricardo Ramos

‎03-28-2016 06:22 AM

I don't thing they were recommending v8.2, they were just stating what version it was fixed. The link you had is a good link to follow on what is a preferred code.  The only reason you would use another version is because of features you require or support for a new hardware. It's a trade off as to wanting features and having stability.

-Scott

*** Please rate helpful posts ***

-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Ricardo Ramos

‎03-28-2016 06:27 AM

Precisely - echoing Scott's reply.

Also be sure to check your APs for code support. Some older APs will not run post-8.0 software.

0 Helpful

Go to solution
gnijs
Level 4
Level 4
In response to Marvin Rhoads

‎04-05-2019 02:12 AM - edited ‎04-05-2019 02:14 AM

Too bad Cisco didn't port back TLS1.2 to 8.0 or 8.1 release.

0 Helpful

Go to solution
alexandro.angel@softtek.com
Level 1
Level 1

‎12-17-2018 09:46 AM

Hi Team - Was anyone able to get rid of tlsv1.0?

 

Kind Regards,

0 Helpful

Go to solution
marce1000
VIP
VIP
In response to alexandro.angel@softtek.com

‎04-05-2019 07:51 AM

 

 - Not possible

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

Go to solution
marce1000
VIP
VIP

‎04-05-2019 07:55 AM

 

 - As informative replies where already given, for demo purposes you can use this to enumerate the supported ciphers on your controller :

                %  nmap --script ssl-enum-ciphers -p 443 controllername

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card