01-24-2018 02:07 AM - edited 07-05-2021 08:09 AM
Hello
I have a WLC 5520 SSO installation with 8.5.103 installed and generated the CSR over gui. After i installed the .pem file the controller rebooted and i was able to login with https. When i did the failovertest i was unable to login over https to the secondary controller. I checked on the cli the cert looks fine. The secondary controller syncronized all correct
are there any know problems.
Regards,
Bernhard
01-24-2018 02:21 AM
01-24-2018 02:31 AM
Hello
This means i Break up then both WLCs hostname is for ex WLC 1 and 2 and i generate a new csr for wlc2 and upload the signed one? After that i create the redundancy again?
Regards,
Bernhard
01-24-2018 02:33 AM
01-24-2018 02:24 AM
Hi @bern.rain
It seems that the certificate is not replicated. Cisco docs states:
"Device and root certificates are not automatically synced to the Standby controller."
"APs with LSC certificates are supported. The controller's LSC certificate and SCEP configuration must be implemented on the active and standby controllers before activating SSO."
"The download of certificates should be done separately on each box and should be done before pairing"
https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/7-5/High_Availability_DG.html
-If I helped you somehow, please, rate it as useful.-
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide