Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3059
Views
0
Helpful
8
Replies

Generate CSR on WLC 5520 running 8.5.151.0

Tarun1
Level 1
Level 1

‎02-23-2020 03:13 PM - edited ‎07-05-2021 11:45 AM

Hi,

I am in the process of renewing our web authentication certificate and want to generate a CSR using the WLC. I figured out that the command is

config certificate generate csr-webauth [ISO Country Code] [State/Province] [Locality/City] [Organization Name] [Organization Unit] [Common Name] [Email Address]

The issue is my organization name has multiple words with spaces, say "ABC Sporting Group". How will I go about entering the organization NAME considering there are no commas separating various details required for generating the CSR.

Thank you in advance.

Labels:
0 Helpful
8 Replies 8

Scott Fella
Hall of Fame
Hall of Fame

‎02-23-2020 05:52 PM

You should generate your csr using OpenSSL or OpenSSL light. There are online tools by certificate authorities that allow you to generate a csr.
-Scott
*** Please rate helpful posts ***
0 Helpful

Tarun1
Level 1
Level 1
In response to Scott Fella

‎02-23-2020 06:41 PM

Hey Scott,

Appreciate that there are other options/alternatives. In fact I used OpenSSL with previous cert renewals. The ability to generate CSR on the WLC is a nice secure and convenient option so I was hoping to make use of this feature.

Lets see if someone else chimes in.

Cheers

0 Helpful

Scott Fella
Hall of Fame
Hall of Fame
In response to Tarun1

‎02-23-2020 07:11 PM

Since there is no delimiter available, you will need to use a underscore “_” or hyphen “-“.
-Scott
*** Please rate helpful posts ***
0 Helpful

Tarun1
Level 1
Level 1
In response to Scott Fella

‎02-23-2020 08:27 PM

Thanks Scott but unfortunately its a no go. I get the below when using underscore/hyphen - 

 

Incorrect input! Use 'config certificate generate csr-webauth country-name state city organization organization-unit common-name support-email RSA/ECDSA'

 

Cheers

0 Helpful

Scott Fella
Hall of Fame
Hall of Fame
In response to Tarun1

‎02-23-2020 08:44 PM

Okay... seems like they built the feature to only support a single word with no symbols.
-Scott
*** Please rate helpful posts ***
0 Helpful

Tarun1
Level 1
Level 1
In response to Scott Fella

‎03-02-2020 06:41 PM

@Scott Fella  Figured out that the command works – organization name can be enclosed within single/double quotes (‘/”) and also specifying the key type (RSA) is mandatory.

 

For example -

config certificate generate csr-webauth BE BR Brussels 'Cisco Pty Ltd' TAC mywebauthportal.wireless.com tac@cisco.com RSA

 

or

 

config certificate generate csr-webauth BE BR Brussels "Cisco Pty Ltd" TAC mywebauthportal.wireless.com tac@cisco.com RSA

 

Cheers

0 Helpful

Scott Fella
Hall of Fame
Hall of Fame
In response to Tarun1

‎03-03-2020 05:15 AM

There you go! Good job at finding the fix!
-Scott
*** Please rate helpful posts ***
0 Helpful

Tarun1
Level 1
Level 1

‎02-26-2020 08:34 PM

If it is of any help I found that there is a GUI option as well to generate a CSR. Once generated the CSR can be uploaded to a FTP/SFTP repository.

Unfortunately this option did not work for me. When I check the CSR generated this way the organisation name is truncated and also the country code is missing.

 

CSR_GUI.png

 

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card