Hello,

To make it work I have changed the cipher to RC4 executing following command

config network secureweb cipher-option rc4-preference enable

It would be great to not use RC4 because of company security policies. If you have any ideas please let me know. Below outputs which you requested for.

(WLC) >show certificate summary
Web Administration Certificate................... 3rd Party
Web Authentication Certificate................... Locally Generated
Certificate compatibility mode:.................. off
Lifetime Check Ignore for MIC ................... Disable
Lifetime Check Ignore for SSC ................... Disable

(WLC) >show certificate webadmin
Show Web Admin!

WebAdmin Device Certificate details:

Subject Name :
C=US, O=Cisco Systems Inc., OU=DeviceSSL (WebAdmin), CN=169.254.1.1
Issuer Name :
C=US, O=Cisco Systems Inc., OU=DeviceSSL (WebAdmin), CN=169.254.1.1
Serial Number :
8E393F17
Validity :
Start : Aug 23 00:00:01 2017 GMT
End : Aug 23 00:00:01 2027 GMT
Signature Algorithm :
sha256WithRSAEncryption
Hash key :
SHA1 Fingerprint : 20:b9:b0:31:bb:a4:08:86:9c:65:e7:17:69:58:db:ae:f9:22:9f:88
MD5 Fingerprint : 2b:6c:63:85:62:ef:9b:b9:a2:af:cc:35:40:56:da:89

Hi Adam,

You do not see anything on the browser (with rc4 disabled) or you get a certificate warning?

Hello,

I revoked the changes applied to reproduce the issue and I have noticed that with settings which were used before, it started working:

(WLC) >show network summary
DNS Server IP...............................
Web Mode.................................... Disable
Secure Web Mode............................. Enable
Secure Web Mode Cipher-Option High.......... Disable
Secure Web Mode Cipher-Option SSLv2......... Enable
Secure Web Mode RC4 Cipher Preference....... Disable
Secure Web Mode SSL Protocol................ Disable

I don't know what was changed and why it didn't work before. It seems that it works fine now.