cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
568
Views
0
Helpful
6
Replies
studmuffin
Beginner

Cisco 2504 SSL Certificate PFSense

Is it possible to Sign a Cisco WLC 2504 Web GUI Certificate with pf sense Root Ca or Sub CA I really dont know much about the standards for certs and I am having a hard time understanding what kind of cert the WLC wants

6 REPLIES 6
Scott Fella
Hall of Fame Master

With any cert, especially for management, the root ca must be trusted on the device. Typically you purchase a known certificate from one of these trusted cert vendors like Verisign, GoDaddy, etc. this way a normal device already trust that root ca. The pfsense is not a trusted ca in any device, but if you use that or any other than is not already in the trusted cert store, then you need to manually add that to devices that will be accessing the 2504 UI. Question is, why do you want to change it, there is no harm with getting an error. However, if you do want to get rid of the error, just search and look at some blogs on uploading a certificate for the management web access.
-Scott
*** Please rate helpful posts ***

I dont get that all other devices i have to dont require the root sub and server certificate but this one does i dont get how to do it htough

If you want to use a trusted certificate for web admin, then purchase one. All it is is an ssl certificate and you can use OpenSSL to generate the csr or any other tool you might be familiar with. Then follow this guide to upload the new cert which needs to be .pem formate.

https://community.cisco.com/t5/wireless-mobility-blogs/installation-of-ssl-webadmin-cert-on-cisco-wlc/ba-p/4084828
-Scott
*** Please rate helpful posts ***

Okay The one thing i am confused about it i have the .crt file that was signed by pfsense now i need to convert it to pem but every tutorial i read requires some sort of root certificate i dont get that part

I don’t think you should use that cert as the root which should be on pfsense is not trusted.

If you are looking for the pfsense root ca, you should reach out in their forum to find out how to get that.
-Scott
*** Please rate helpful posts ***

What do u mean by that PFsense is a trusted platform and it is acting as my certificate authority locally i am not trying to do this over the internent just on my internal network pfsense is acting line windows server certificate authority

Content for Community-Ad