05-26-2010 02:34 AM - edited 07-03-2021 06:49 PM
Hi
I am trying to install a webauth certificate on a WLC (5508 6.0.188).
I followed the "Generate CSR for Third-Party Certificates and Download Unchained Certificates to the WLC" document.
But when I try to upload the .pem file i get "the" "error installing certificate" promt.
I did not have any errors using OpenSSL.
Is there any debug commands that can help clearify the issue.
The Solution provided in this discussion has been added in the following Blog:-
Solved! Go to Solution.
06-09-2010 08:40 AM
I was having the same problem and worked on it for probably 8 hours trying numerous different solutions and this is what fixed it for me.
This was a renewal cert, so it was my second time install a cert to my WLC and I made the mistake of not keeping my original copy of OpenSSL that worked for me the first time. Don't make the mistake I made and KEEP a copy of the OpenSSL version that works for you. That will make cert renewal much easier for you.
06-09-2010 08:40 AM
I was having the same problem and worked on it for probably 8 hours trying numerous different solutions and this is what fixed it for me.
This was a renewal cert, so it was my second time install a cert to my WLC and I made the mistake of not keeping my original copy of OpenSSL that worked for me the first time. Don't make the mistake I made and KEEP a copy of the OpenSSL version that works for you. That will make cert renewal much easier for you.
07-14-2011 07:46 AM
You legend!!! Worked a treat, the only thing I did differently was to run the OPENSSL program as an administaror (right click, run as..)
07-14-2011 12:38 PM
For furture searches I have included this link .. I did a complete step by step process with screen shots ...
06-15-2010 12:41 PM
Open SSL v 1.x seems to cause issues. I know I have always used v0.9.8. I have also asked that the CSR doc have notes added to them mentioning issues with 1.x.
Thanks,
Lee
06-15-2010 12:52 PM
FYI, I just checked the chained and unchaing CSR doc for the WLC and both do now contain a note about using v0.9.8:
Complete these steps in order to generate a CSR:
Install and open the OpenSSL application. In Windows, by default, openssl.exe is located at C:\ > openssl > bin.
Note: Cisco recommends that you use OpenSSL v0.9.8 for Windows.
Lee
01-07-2011 12:32 PM
OpenSSL 1.0 absolutely didn't work for me. My RapidSSL cert only installed under 0.98. Thanks for the help!
10-16-2011 10:06 AM
Hello All,
Thanks for sharing this useful information. I have added all this information and created a short Blog so that all CSC customers will be able to use it.
Thanks,
Vinay Sharma
Community Manager- Wireless
10-19-2011 08:55 AM
One more thing....
Assuming we're using Windows version, the latest 0.9.8 binaries have a quirky difference in the way they reference the config file.
Pre 0.9.8h uses openssl.cnf
0.9.8h onwards uses openssl.cfg
However, the error msg still says its looking for "/path/openssl.cnf" for the latest versions - slightly confusing...
Add the command "-config openssl.cfg" for later versions
p.s. Hello Grev!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: