cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
775
Views
0
Helpful
5
Replies

WLC third party webauth certificate

I jave purchased a certificate from godaddy after generating a CSR from the WLC.

They sent me 3 files, two of them with .crt extension and the third one is with .pem extension.

 

I tried to upload them one by one, but the wlc failed to install them.

 

Any idea of what has to be done?

 

Thank you all

5 Replies 5

marce1000
VIP
VIP

 

 - Review this document and or check if that can help :

                https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/109597-csr-chained-certificates-wlc-00.html

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !

I tried to follow the instructions in the manual, but my question is, should i do anything to the certificates recieved from godaddy?

Or should i upload one of them?

 

I have two certificates one ends with .pem and the other ends with .crt, and each one of them holds one certificae code.

And the third one holds three certificates codes, and its extension is .crt.

I tried to convert the third one to .pem, but the certificates shrinks to one certificae code.

And if i just rename it to .pem, the WLC refuses it.

 

You need to follow the instructions.  You STILL haven't mentioned what model of controller/OS you're using so we cannot even tell you which set of instructions to follow.

The certs must be in the correct format and then combined into a single file.

Changing the name of the file will not change its contents - you MUST convert as per the instructions using openssl where necessary.

You can use the openssl tool to convert from one format to another (https://www.openssl.org/

If you're not happy with the Cisco instructions there are plenty of others you can follow - just google.

Many of the CAs actually have their own instructions eg: https://knowledge.digicert.com/quovadis/ssl-certificates/ssl-installation/how-do-i-install-a-certificate-onto-cisco-wlan-controller-wlc.html

But be aware most of those older instructions are for AireOS.  If you're on 9800 (IOS-XE) then the instructions are slightly different (as I already posted above).

I have a 5500 controller.

 

And i dont know which certificates to bind, and as i said, one of them holds the content of three codes.

 

Now also the openssl gives so many errors when i try to make a key file and to combine it with the certificates.

Rich R
VIP
VIP

You didn't bother to mention what WLC you're using.  If it's AireOS then follow the instructions @marce1000 shared but if it's 9800 then it's different https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/213917-generate-csr-for-third-party-certificate.html

They must always be chained into a single file which you load on the WLC.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: