12-04-2019 02:21 AM - edited 07-05-2021 11:23 AM
Hello
I have a problem with install a new webauth certificate on wlc 5508.
I created a new file like in this document:
From Gui and from cli when i try to download and install it i got an success information.
File transfer operation completed successfully. For Certificates to take effect and SSL to work, you need to reboot system. Click Here to get redirected to reboot page.
After reboot of the controller i still see an old certyficate.
When i was enabled an debug i got something like that, but still dont know what is the cause and why new certificate is not installed correctly.
*TransferTask: Dec 03 13:33:43.187: Memory overcommit policy changed from 0 to 1 *TransferTask: Dec 03 13:33:43.187: RESULT_STRING: TFTP Webauth cert transfer starting. TFTP Webauth cert transfer starting. *TransferTask: Dec 03 13:33:43.187: RESULT_CODE:1 *TransferTask: Dec 03 13:33:47.222: TFTP: Binding to remote=192.168.40.100 *TransferTask: Dec 03 13:33:47.276: TFP End: 12043 bytes transferred (0 retransmitted packets) *TransferTask: Dec 03 13:33:47.276: tftp rc=0, pHost=192.168.40.100 pFilename=WLAN5508/final_5508.pem pLocalFilename=cert.p12 *TransferTask: Dec 03 13:33:47.333: RESULT_STRING: TFTP receive complete... Installing Certificate . *TransferTask: Dec 03 13:33:47.333: RESULT_CODE:13 TFTP receive complete... Installing Certificate. *TransferTask: Dec 03 13:33:51.335: Adding cert (11947 bytes) with certificate key password. *TransferTask: Dec 03 13:33:51.335: Add WebAuth Cert: Adding certificate & private key using password PASSWORD *TransferTask: Dec 03 13:33:51.335: Add ID Cert: Adding certificate & private key using password PASSWORD *TransferTask: Dec 03 13:33:51.336: Add Cert to ID Table: Adding certificate (name: bsnSslWebauthCert) to ID table using password PASSWORD *TransferTask: Dec 03 13:33:51.336: Add Cert to ID Table: Decoding PEM-encoded Certificate (verify: YES) *TransferTask: Dec 03 13:33:51.336: Decode & Verify PEM Cert: Cert/Key Length was 0, so taking string length instead *TransferTask: Dec 03 13:33:51.336: Decode & Verify PEM Cert: Cert/Key Length 11947 & VERIFY *TransferTask: Dec 03 13:33:51.365: Decode & Verify PEM Cert: X509 Cert Verification return code: 1 *TransferTask: Dec 03 13:33:51.365: Decode & Verify PEM Cert: X509 Cert Verification result text: ok *TransferTask: Dec 03 13:33:51.367: Add Cert to ID Table: Decoding PEM-encoded Private Key using password PASSWORD *TransferTask: Dec 03 13:33:51.369: Add Cert to ID Table: Adding cert & key to ID cert table; current/max: 5/8 *TransferTask: Dec 03 13:33:51.369: sshpmGetIdCertIndex: called to lookup cert >bsnSslWebauthCert< *TransferTask: Dec 03 13:33:51.370: sshpmGetIdCertIndex: found match in row 4 *TransferTask: Dec 03 13:33:51.370: Add Cert to ID Table: Deleting bsnSslWebauthCert (row 4) from ID cert table *TransferTask: Dec 03 13:33:51.370: Free Row in ID Table: Freeing OpenSSL cert (X509 fn: 0x2ac498c8 | DER fn: 0x2ab7e3c8) from ID cert table (row 4) *TransferTask: Dec 03 13:33:51.370: Free Row in ID Table: Freeing OpenSSL key (EVP_PKEY fn: 0x2ac32030 | DER fn: 0x2ab7e3c8) from ID cert table (row 4) *TransferTask: Dec 03 13:33:51.371: Add Cert to ID Table: Adding new bsnSslWebauthCert cert & key to row 4 of ID cert table *TransferTask: Dec 03 13:33:51.371: Add ID Cert: Writing DER-encoded ID cert to file /mnt/application/bsnSslWebauthCert.crt *TransferTask: Dec 03 13:33:51.371: sshpmWriteCredentialFile: called to write </mnt/application/bsnSslWebauthCert.crt>; certptr 0x2c49c8f0, length 1533 *TransferTask: Dec 03 13:33:51.372: Add ID Cert: Writing DER-encoded ID private key to file /mnt/application/bsnSslWebauthCert.prv *TransferTask: Dec 03 13:33:51.372: sshpmWriteCredentialFile: called to write </mnt/application/bsnSslWebauthCert.prv>; certptr 0x2c49d124, length 1192 *TransferTask: Dec 03 13:33:51.373: Add ID Cert: Unlinking previously created ID PEM-encoded PKCS12 file webauth_p12.pem *TransferTask: Dec 03 13:33:51.374: Add ID Cert: Created PEM-encoded ID PKCS12 file webauth_p12.pem *TransferTask: Dec 03 13:33:51.374: RESULT_STRING: Certificate installed. Reboot the switch to use new certificate. *TransferTask: Dec 03 13:33:51.374: RESULT_CODE:11 *TransferTask: Dec 03 13:33:51.376: Memory overcommit policy restored from 1 to 0 Certificate installed. Reboot the switch to use new certificate. (Cisco Controller) >
Solved! Go to Solution.
02-28-2020 07:56 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide