11-25-2012 01:37 PM - edited 07-03-2021 11:06 PM
I have a verasign cert that I put on all my old bbsm's for guest portal access via https. I wanted to put that cert on my 5508 controller as well for the same purpose. But when I try to download it I get a message saying it failed, even though the tftp server says the transfer was completed successfully. I am using a .pem file and do not see any logs stating why it failed. I am not generating a CSR, this is just a web cert that is used over multiple machines, so it isn't a true identity cert.
11-25-2012 01:52 PM
You still need to process the certificate as stated in step 7 of this document. If your trying to use a certificate for multiple devices, then it has to be a wildcard cert.
http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080a77592.shtml
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
11-25-2012 01:58 PM
I am seeing a log that essentially says it can't decode the private key... But I am 99 percent sure this password is corrent. Are there any other reasons I would get these logs other than a wrong password?
*TransferTask: Nov 25 15:51:56.940: #UPDATE-3-CERT_INST_FAIL: updcode.c:1595 Failed to install Webauth certificate. rc = 1
*TransferTask: Nov 25 15:51:56.940: #SSHPM-3-KEYED_PEM_DECODE_FAILED: sshpmcert.c:4055 Cannot PEM decode private key
11-25-2012 03:52 PM
If you followed step 7 and it successfully created a pem file then the only other reason you get this is the password not matching.
Sent from Cisco Technical Support iPhone App
11-25-2012 04:59 PM
I have it fixed now. The problem was the cisco only supports openssl 0.9.8x. I was using 1.0.1c. I used 0.9.8x and it worked perfectly fine.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide