Re: Installing Third Party SSL Certificates for webadmin wlc ver 8.3.1

cperez · ‎12-29-2021

Hi, I am have a HA SSO scenario for two controller version 8.3.150, i Generate a CSR using the WLC itself to generate the CSR (Available after 8.3.102), according to WLC HA SSO deployment guide and due to certificates are not replicated from primary to secondary controller in a HA SSO scenario, can install two certificates single for each controller?.
Does this practice generate some kind of problem?

Thank.

Sandeep Choudhary · ‎12-29-2021

Normally it will not create any issue.

As per my experience I would recommend to generate CSR with OpenSSL and then signed it with your Enterprise CA or Thirdd party CA.

https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/109597-csr-chained-certificates-wlc-00.html#anc8

Regards

Don't forget to arte helpful posts

jagan.chowdam · ‎01-06-2022

Like Sandeep said, I'll always use OpenSSL to generate CSR. I'd a bad experience using Controller to create CSR and it didn't worked at all.

Once you get the CSR signed with your CA and get the required cert, the process is simple.

Install the cert on your primary -- redundancy force-switchover -- install the cert on your new primary (original HA) -- redundancy force-switchover.

Make sure the WLCs in Sync before issues switchover command.

CJ

/**Please rate all useful responses**/

Installing Third Party SSL Certificates for webadmin wlc ver 8.3.150