Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
331
Views
1
Helpful
2
Replies

Certificate for Captive Portal on WLC Guest WLAN

Erti14
Level 1
Level 1

‎02-05-2025 03:50 AM

I have a Guest WLAN created on my WLC. However when I connect to the wifi network the following is shown:

Erti14_2-1738756151026.jpeg

(Cisco Controller) >show certificate webadmin
Show Web Admin!

WebAdmin Device Certificate details:

Subject Name :
C=US, O=Cisco Systems Inc., OU=DeviceSSL (WebAdmin), CN=169.254.1.1
Issuer Name :
C=US, O=Cisco Systems Inc., OU=DeviceSSL (WebAdmin), CN=169.254.1.1
Serial Number (Hex):
8011D835
Validity :
Start : Oct 31 00:00:01 2024 GMT
End : Oct 31 00:00:01 2034 GMT
Signature Algorithm :
sha256WithRSAEncryption
Hash key :
SHA1 Fingerprint : be:3a:05:15:39:29:60:17:20:09:86:28:79:6b:b2:c8:49:76:a0:af
SHA256 Fingerprint : 50:09:ed:ff:b1:6c:b7:93:00:50:a3:21:d8:29:c0:18:eb:41:ce:29:61:0b:a1:a5:2a:0b:2a:e7:ea:70:d6:49

(Cisco Controller) >show certificate webauth
Show Web Auth!

WebAuth Device Certificate details:

Subject Name :
C=US, O=Cisco Systems Inc., OU=DeviceSSL (WebAuth), CN=192.168.1.100
Issuer Name :
C=US, O=Cisco Systems Inc., OU=DeviceSSL (WebAuth), CN=192.168.1.100
Serial Number (Hex):
8011D835
Validity :
Start : Jan 23 00:00:01 2025 GMT
End : Jan 23 00:00:01 2035 GMT
Signature Algorithm :
sha256WithRSAEncryption
Hash key :
SHA1 Fingerprint : d9:e0:47:b4:c9:62:2b:20:36:af:33:6d:1d:80:b4:5a:b5:3c:4b:ae
SHA256 Fingerprint : d3:71:5e:34:97:03:f3:40:2a:c0:52:51:bd:86:c2:2e:00:63:bc:7a:1e:09:13:2e:af:95:10:05:66:37:55:ac

(Cisco Controller) >

Labels:
0 Helpful
2 Replies 2

marce1000
Hall of Fame
Hall of Fame

‎02-05-2025 05:20 AM

 

  - Is this problem limited to a specific end device (model) or not ?
     What WLC type and software version are you using ?

  M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

Haydn Andrews
VIP
VIP

‎02-05-2025 01:37 PM

You need a publically signed certificate for the guest portal. With a resolvable public DNS entry pointing to the virtual IP on the WLC (does not need to be reachable from the internet).

Check out this blog post on this topic

https://thewlan.com.au/2020/07/14/9800-local-webauth-certs/ 

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card