Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
731
Views
0
Helpful
7
Replies

Wireless certificate prompt - WLC 5508

Kevin Lotko
Level 1
Level 1

‎04-13-2015 09:22 AM - edited ‎07-05-2021 02:54 AM

When users connect to my companiees wireless, which authenicates using a Windows 2008 RADIUS server, they're prompted to accept a server certificate. I'd like to install a trusted SSL and prevent users from having to accept a cert every time they connect. This primarily happens on ipad/iphone devices.

 

How do I go about doing this? Do this on the controller? Or on the Radius server?

 

Wireless Controller: 5508

 

Thank you

Labels:
0 Helpful
7 Replies 7

George Stefanick
VIP Alumni
VIP Alumni

‎04-13-2015 09:44 AM

On Apple devices you will need to push a profile to each device. In side this profile will be the confirmation of trust which will negate the need to accept. Normally you only have to accept the first time. Connections after that should be trusted .. 

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful

Scott Fella
Hall of Fame
Hall of Fame
In response to George Stefanick

‎04-13-2015 09:45 AM

I think with Apple, you need to accept the cert the first time, even if you install the root ca.  Like George mentioned, its only a one time accept.

-Scott

-Scott
*** Please rate helpful posts ***
0 Helpful

George Stefanick
VIP Alumni
VIP Alumni
In response to Scott Fella

‎04-13-2015 09:53 AM

In our deployment we discovered the profile negates the first time accept .. 

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful

Scott Fella
Hall of Fame
Hall of Fame
In response to George Stefanick

‎04-13-2015 09:55 AM

Never worked for me:)  Was your cert one of the trusted root CA's by chance?

-Scott

-Scott
*** Please rate helpful posts ***
0 Helpful

Kevin Lotko
Level 1
Level 1
In response to George Stefanick

‎04-16-2015 08:07 AM

Thank you George


Do you know a of procedure on how to implement this?

 

0 Helpful

gohussai
Level 4
Level 4

‎04-16-2015 11:10 AM

Here is the solution:

 

If you have iOS devices—iPhones, iPads, or iPod Touchs—or Mac OS Lion machines on the network, you may want to use the iPhone Configuration Utility (iPCU) to help distribute the wireless settings to them. Apple offers the utility for both Windows and Mac OS X.

You can use the iPCU to create, encrypt, maintain, and install XML-based configuration profiles. In addition to Wi-Fi settings, these profiles can contain device security policies, VPN configuration, MS Exchange and email settings, and digital certificates. You can create profiles for specific users, groups, or a profile for all. You can either install the profiles directly from the computer running the iPCU or distribute the .mobile config. file via other means.

Note:This is one time process after distribution the profiles will be saved to the devices .

 

Mark it as correct if this resolve your issue.

 

 

0 Helpful

abwahid
Level 4
Level 4

‎05-05-2015 02:32 AM

Hi,

Please configure in your wireless domain GPO. Select appropriate authority in Trusted Root Certification Authorities and select Do not prompt user to authorize new servers or trusted certification authorities option.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card