cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1764
Views
5
Helpful
5
Replies
Highlighted

HTTPS Problem with wlc 5520

Hi

i have 2 wlc that are configured in HA. after HA setup, HTTPS is not working and only HTTP is working correctly.

i've done these things:

1- regenerate Certificate

2- Disabling and Enabling HTTPS

3- Upgrade software to 8.2 last released

 but problem still remains.

Regards

5 REPLIES 5
Highlighted

I have the same situation with 5520 in HA mode. Any solution for that?

Highlighted
Cisco Employee

Can you share the output of "show certificate summary"and "show certificate webadmin"

Highlighted

Hello,

 

To make it work I have changed the cipher to RC4 executing following command

 

config network secureweb cipher-option rc4-preference enable

 

It would be great to not use RC4 because of company security policies. If you have any ideas please let me know. Below outputs which you requested for.

 

(WLC) >show certificate summary
Web Administration Certificate................... 3rd Party
Web Authentication Certificate................... Locally Generated
Certificate compatibility mode:.................. off
Lifetime Check Ignore for MIC ................... Disable
Lifetime Check Ignore for SSC ................... Disable

(WLC) >show certificate webadmin
Show Web Admin!

WebAdmin Device Certificate details:

Subject Name :
C=US, O=Cisco Systems Inc., OU=DeviceSSL (WebAdmin), CN=169.254.1.1
Issuer Name :
C=US, O=Cisco Systems Inc., OU=DeviceSSL (WebAdmin), CN=169.254.1.1
Serial Number :
8E393F17
Validity :
Start : Aug 23 00:00:01 2017 GMT
End : Aug 23 00:00:01 2027 GMT
Signature Algorithm :
sha256WithRSAEncryption
Hash key :
SHA1 Fingerprint : 20:b9:b0:31:bb:a4:08:86:9c:65:e7:17:69:58:db:ae:f9:22:9f:88
MD5 Fingerprint : 2b:6c:63:85:62:ef:9b:b9:a2:af:cc:35:40:56:da:89

Highlighted

Hi Adam,

You do not see anything on the browser (with rc4 disabled) or you get a certificate warning?

Highlighted

Hello,

 

I revoked the changes applied to reproduce the issue and I have noticed that with settings which were used before, it started working:

 

(WLC) >show network summary
DNS Server IP...............................
Web Mode.................................... Disable
Secure Web Mode............................. Enable
Secure Web Mode Cipher-Option High.......... Disable
Secure Web Mode Cipher-Option SSLv2......... Enable
Secure Web Mode RC4 Cipher Preference....... Disable
Secure Web Mode SSL Protocol................ Disable

 

I don't know what was changed and why it didn't work before. It seems that it works fine now.

Content for Community-Ad