Web Auth Cert Download

Grayson Wells · ‎11-25-2012

I have a verasign cert that I put on all my old bbsm's for guest portal access via https. I wanted to put that cert on my 5508 controller as well for the same purpose. But when I try to download it I get a message saying it failed, even though the tftp server says the transfer was completed successfully. I am using a .pem file and do not see any logs stating why it failed. I am not generating a CSR, this is just a web cert that is used over multiple machines, so it isn't a true identity cert.

Scott Fella · ‎11-25-2012

You still need to process the certificate as stated in step 7 of this document. If your trying to use a certificate for multiple devices, then it has to be a wildcard cert.

http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080a77592.shtml

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

Grayson Wells · ‎11-25-2012

I am seeing a log that essentially says it can't decode the private key... But I am 99 percent sure this password is corrent. Are there any other reasons I would get these logs other than a wrong password?

*TransferTask: Nov 25 15:51:56.940: #UPDATE-3-CERT_INST_FAIL: updcode.c:1595 Failed to install Webauth certificate. rc = 1

*TransferTask: Nov 25 15:51:56.940: #SSHPM-3-KEYED_PEM_DECODE_FAILED: sshpmcert.c:4055 Cannot PEM decode private key

Scott Fella · ‎11-25-2012

If you followed step 7 and it successfully created a pem file then the only other reason you get this is the password not matching.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Grayson Wells · ‎11-25-2012

I have it fixed now. The problem was the cisco only supports openssl 0.9.8x. I was using 1.0.1c. I used 0.9.8x and it worked perfectly fine.