Cisco WLC Web Admin certificate installation failiure

studmuffin · ‎05-28-2021

I am trying to replace my mic on my cisco wireless lan controller 2504 running os version 8.5.160

I am tying to create a csr using open ssl becuase i need the certificate to work with modern browsers chrome and opera GX and microsoft edge

I create the csr and sign it with windows ca and then convert it to pem but when i go to download it to the controller it says installation failed I am sending a config file of the open ssl config i used to see if there is anything wrong with it

The file has been converted from .cfg to .txt to upload to cisco's site

Rasika Nayanajith · ‎05-28-2021

Did you follow this document, if not pls check it

https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/109597-csr-chained-certificates-wlc-00.html

HTH

Rasika

*** Pls rate all useful responses ***

studmuffin · ‎05-28-2021

I followed the guide to the letter and got the certificate installed but it still is complaining

this is the result of the debug commands i tried it on all browsers and it keeps complaining about the comman name not being correct

This may take some time.
Are you sure you want to start? (y/N) y
*TransferTask: May 28 21:07:32.118: Memory overcommit policy changed from 0 to 1

*TransferTask: May 28 21:07:32.118: RESULT_STRING: TFTP Webadmin cert transfer starting.

TFTP Webadmin cert transfer starting.
*TransferTask: May 28 21:07:32.119: RESULT_CODE:1

*TransferTask: May 28 21:07:36.428: TFTP: Binding to remote=192.168.10.100

*TransferTask: May 28 21:07:36.441: TFP End: 9141 bytes transferred (0 retransmitted packets)

*TransferTask: May 28 21:07:36.441: tftp rc=0, pHost=192.168.10.100 pFilename=/final.pem
pLocalFilename=cert.p12

*TransferTask: May 28 21:07:36.577: RESULT_STRING: TFTP receive complete... installing Certificate.

*TransferTask: May 28 21:07:36.577: RESULT_CODE:13

*TransferTask: May 28 21:07:36.577: Adding cert (9069 bytes) with certificate key password.

*TransferTask: May 28 21:07:36.578: Add WebAdmin Cert: Adding certificate & private key using password Gi604132328
*TransferTask: May 28 21:07:36.578: Add ID Cert: Adding certificate & private key using password Gi604132328
*TransferTask: May 28 21:07:36.578: Add Cert to ID Table: Adding certificate (name: bsnSslWebadminCert) to ID table using password Gi604132328
*TransferTask: May 28 21:07:36.579: Add Cert to ID Table: Decoding PEM-encoded Certificate (verify: YES)
*TransferTask: May 28 21:07:36.579: Decode & Verify PEM Cert: Cert/Key Length was 0, so taking string length instead
*TransferTask: May 28 21:07:36.579: Decode & Verify PEM Cert: Cert/Key Length 9069 & VERIFY
*TransferTask: May 28 21:07:36.594: Decode & Verify PEM Cert: X509 Cert Verification return code: 1
*TransferTask: May 28 21:07:36.595: Decode & Verify PEM Cert: X509 Cert Verification result text: ok
*TransferTask: May 28 21:07:36.596: Add Cert to ID Table: Decoding PEM-encoded Private Key using password Gi604132328
*TransferTask: May 28 21:07:36.632: Add Cert to ID Table: Adding cert & key to ID cert table; current/max: 5/10
*TransferTask: May 28 21:07:36.632: sshpmGetIdCertIndex: called to lookup cert >bsnSslWebadminCert<

*TransferTask: May 28 21:07:36.632: sshpmGetIdCertIndex: found match in row 3

*TransferTask: May 28 21:07:36.632: Add Cert to ID Table: Deleting bsnSslWebadminCert (row 3) from ID cert table
*TransferTask: May 28 21:07:36.633: Free Row in ID Table: Freeing OpenSSL cert (X509 fn: 0x2ac08998 | DER fn: 0x2ab32528) from ID cert table (row 3)
*TransferTask: May 28 21:07:36.633: Free Row in ID Table: Freeing OpenSSL key (EVP_PKEY fn: 0x2abf0e70 | DER fn: 0x2ab32528) from ID cert table (row 3)
*TransferTask: May 28 21:07:36.634: Add Cert to ID Table: Adding new bsnSslWebadminCert cert & key to row 3 of ID cert table
*TransferTask: May 28 21:07:36.634: Add ID Cert: Writing DER-encoded ID cert to file /mnt/application/bsnSslWebadminCert.crt
*TransferTask: May 28 21:07:36.635: sshpmWriteCredentialFile: called to write </mnt/application/bsnSslWebadminCert.crt>; certptr 0x2c24183c, length 1622

*TransferTask: May 28 21:07:36.636: Add ID Cert: Writing DER-encoded ID private key to file /mnt/application/bsnSslWebadminCert.prv
*TransferTask: May 28 21:07:36.637: sshpmWriteCredentialFile: called to write </mnt/application/bsnSslWebadminCert.prv>; certptr 0x2c2430d8, length 1766

*TransferTask: May 28 21:07:36.639: Add ID Cert: Unlinking previously created ID PEM-encoded PKCS12 file webAdmin_p12.pem
*TransferTask: May 28 21:07:36.640: Add ID Cert: Created PEM-encoded ID PKCS12 file webAdmin_p12.pem
*TransferTask: May 28 21:07:36.640: RESULT_STRING: Certificate installed.
Reboot the switch to use new certificate.

*TransferTask: May 28 21:07:36.641: RESULT_CODE:11

*TransferTask: May 28 21:07:36.642: Memory overcommit policy restored from 1 to 0

Certificate installed.
Reboot the switch to use new certificate.