Showing results for 
Search instead for 
Did you mean: 

Cisco WLC EAP-TLS configuration

Level 1
Level 1
I need help. I'm trying to configure virtual WLC for EAP-TLS authentication. I configured that, but I don't know where I can set CRL (certificate revocation list) or OCSP (Online Certificate Status Protocol). I must to use this technolodgy for deny access for laid-off employees.
4 Replies 4

Abhishek Abhishek
Cisco Employee
Cisco Employee

Please refer to the link for configuring Cisco WLC EAP-TLS-

Thanks, but I saw this post. The question about CRL and OCSP is open.


Level 1
Level 1

as far as i know, they are embedded into the properties of each certificate. Look for the details of it.

 it will be your RADIUS (NPS, ISE or WLC if doing the end tunnel termination) the one that request the CRL via http or ldap.


hope it helps

CRL and OCSP are both part of the certificate itself. Your CA must add the URL for these services when the cert is generated. The WLC does not get configured with the URL for these services. The WLC simply knows the Radius Server IP(s) and has the root cert installed so it can handle the TLS authentication. 

Review Cisco Networking for a $25 gift card