Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
878
Views
0
Helpful
1
Replies

Error installing Webauth Certificate on WLC 5508

Udo_DMG
Level 1
Level 1

‎01-20-2020 01:45 AM - edited ‎07-05-2021 11:33 AM

Hi Community,

I know it is a always existing issue. I read in advance a lot of entries, but without any success.

I created a certificate with a chain with and want to install it on the WLC as webauth. The certificate is also valid for webadmin and this works fine. The chain is valid, everything.

The chain is like this this:

root authority

    Policy authority

       Enterprise authority

          device certificate

 

If i want ot install it as webauth, i get the following messages:

 

FTP receive complete... Installing Certificate.
*TransferTask: Jan 20 10:44:21.271: [PA] RESULT_CODE:13

*TransferTask: Jan 20 10:44:25.272: [PA] Adding cert (7400 bytes) with certificate key password.

*TransferTask: Jan 20 10:44:25.272: [PA] Add WebAuth Cert: Adding certificate & private key using password Und3rt4k3r
*TransferTask: Jan 20 10:44:25.272: [PA] Add ID Cert: Adding certificate & private key using password Und3rt4k3r
*TransferTask: Jan 20 10:44:25.272: [PA] Add Cert to ID Table: Adding certificate (name: bsnSslWebauthCert) to ID table using password Und3rt4k3r
*TransferTask: Jan 20 10:44:25.272: [PA] Add Cert to ID Table: Decoding PEM-encoded Certificate (verify: YES)
*TransferTask: Jan 20 10:44:25.273: [PA] Decode & Verify PEM Cert: Cert/Key Length was 0, so taking string length instead
*TransferTask: Jan 20 10:44:25.273: [PA] Decode & Verify PEM Cert: Cert/Key Length 7400 & VERIFY
*TransferTask: Jan 20 10:44:25.277: [PA] Decode & Verify PEM Cert: X509 Cert Verification return code: 0
*TransferTask: Jan 20 10:44:25.277: [PA] Decode & Verify PEM Cert: X509 Cert Verification result text: unable to get local issuer certificate
*TransferTask: Jan 20 10:44:25.278: [PA] Decode & Verify PEM Cert: Error in X509 Cert Verification at 0 depth: unable to get local issuer certificate
*TransferTask: Jan 20 10:44:25.279: [PA] Add Cert to ID Table: Error decoding (verify: YES) PEM certificate
*TransferTask: Jan 20 10:44:25.279: [PA] Add ID Cert: Error decoding / adding cert to ID cert table (verifyChain: TRUE)
*TransferTask: Jan 20 10:44:25.279: [PA] Add WebAuth Cert: Error adding ID cert
*TransferTask: Jan 20 10:44:25.280: [PA] RESULT_STRING: Error installing certificate.


*TransferTask: Jan 20 10:44:25.280: [PA] RESULT_CODE:12


Error installing certificate.

 

Thank you for helping me in this issue

1 person had this problem
Labels:
0 Helpful
1 Reply 1

Scott Fella
Hall of Fame
Hall of Fame

‎01-20-2020 03:17 AM

For webauth, the chain is built in reverse... starting with

device cert
intermediate cert
intermediate cert
root cert
-Scott
*** Please rate helpful posts ***
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card