04-30-2010 11:49 AM - edited 07-03-2021 06:46 PM
Does Cisco WLC 5508 runnig code 6.0.196.0 allows you to generate CSR? Or do you have to use OPENSSL like in previous versions?
07-29-2010 04:52 PM
Hey guys,
After troubleshooting this with a TAC, we found out that Chained Certificates is not supported on the WLC till today. Not even on the latest version 7.0. I think I managed to upload the chained certificate successfully once but it still wouldn't work. It is a bug and still hasn't been resolved for Chained Certificates.
10-06-2010 09:22 AM
up to Level 2 Chained certificates are supported on WLCs running 5..1.151.0 or later code
Certificate Levels
Level 0—Use of only a server certificate on WLC.
Level 1—Use of server certificate on WLC and a CA root certificate.
Level 2—Use of server certificate on WLC, one single CA intermediate certificate, and a CA root certificate.
Level 3—Use of server certificate on WLC, two CA intermediate certificates, and a CA root certificate. Level 3 or higher is not supported on WLCs.
Changes have been made in openssl version 1.0.x which is not backwards compatible with previous versions of openssl.
So if you are using openssl version 1.0.x to create the final-cert.pem, this will not be supported with the WLC.
If you use openssl version 0.9.8, then you will be able to build the final-cert.pem and be able to load it on the WLC.
The following product enhancement request (PER) has been created for the WLC.
http://cdetsweb-prd.cisco.com/apps/goto?identifier=CSCti65315CSCti65315 - Need Support for certificates generated using OpenSSL v 1.0
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide