02-24-2010 12:06 PM - edited 07-03-2021 06:33 PM
AT a client site we have a 4402 running and have recently upgraded to 6.0. After upgrading when users connect to the guest network and open a web browser to be redirected to the login page they get the certificate error page in internet explorer then after clicking continue, they get the login page. Has anyone seen why the certificate errors occurs on the guest network?
Solved! Go to Solution.
02-28-2010 02:31 PM
The cert gives the error as its a Cisco cert and wont be in the client such as a Veisign cert would.
You can deploy an open SSL cert to the WLC or diasable https and just use JTTP but the latter is not recomended.
02-28-2010 02:31 PM
The cert gives the error as its a Cisco cert and wont be in the client such as a Veisign cert would.
You can deploy an open SSL cert to the WLC or diasable https and just use JTTP but the latter is not recomended.
03-01-2010 07:43 AM
Thanks for your reply. The issue is that the certificate error is occuring on the Web Authentication page for the Guest Wireless Network not for the login page for the actual controller. So a guest connects to the wireless entwork and opens a web browser and then instead of the weblogin page they get the certificate error page.
03-01-2010 01:30 PM
If the user accepts the certificate does it take them to the login page? If so this is
all normal.
To keep the https wlc login capability I would suggest using the openssl cert
Below shows how to install an open ssl cert and also the guest access deployment guide
http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080a77592.shtml
03-01-2010 01:45 PM
I agree that normal functionality of the controller is that you see the certificate error and click to accept and continue when logging in to the web interface. We are seeing this when logging opening a web browser as a guest and getting the guest user web authentication screen, which I have not seen happen on any controller I have worked on previously. See attachments.
03-01-2010 02:35 PM
No attachments!!
03-03-2010 11:30 AM
Unless you have installed a 3rd party certificate, you will always get certificate error because the built-in Cisco certificate is not a trusted certificate in Windows or MAC's. Now if you did have a 3rd party certificate installed, maybe the upgrade corrupted the cert or returned the certificate back to default Cisco. Look at the certificate in the WLC and see what certificate is being used.
03-03-2010 11:42 AM
I actually spoke with Cisco about this and previous versions of the controller software did not require a third-party certificate for the Web Authentication Page for a Guest network, hoever starting with 4.2.X they are now using SSL Version 3 so there is no way around it, other than purchasing a certificate or turning off the Secure Web piece.
Thanks for your responses.
03-03-2010 11:49 AM
So your client was on a 3.x code and you upgraded to a 6.x? Its been a while since I touched 3.x, but maybe they didn't do secure web back then. I know that they generate their own certificate still so that would still generate an error prior to getting the web-auth page. Oh well... you have it under control.
03-03-2010 11:53 AM
We were actually on 4.1.185 which did not require the secure web for the web authentication securtiy method.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide