![]() ![]()
Now you need to open each file in turn in the order of Device, Intermediate and Root and paste them into one document as below If you are unsure of which files are which contact the tech support of the CA and they are usually very helpful. The Root Certificate was the AddTrustExternalCARoot file The Intermediate was both the Comodo files The Device certificate was the guestwireless_rogerperkin_co_uk file When you receive your signed certificates back from the certificate authority you have to chain them together you should receive 3 or 4 files, –END CERTIFICATE REQUEST-– Chaining your certificates GisfZw40VLT0/6IGvK2jX0i t58RFQ8WYTOcTRlPnkG8B/uV Rq blLr5X5iQdzyF1pLqP1Mck5Ve1eCz0R9/OekGSRno7ow4TVyxAF6J6ozDaw7e TWFya2V0aW5nMREwDwYDVQQKEwhUZXN0IE9yZzESMBAGA1UEBxMJVGVzdCBDaXR5 MIIDUDCCArkCAQAwdTEWMBQGA1UEAxMNdGVzdC50ZXN0LmNvbTESMBAGA1UECxMJ You need to copy all the text which will look like this. You just need to open up the myreq.pem file with notepad and copy the contents of the file into the certificate request. This is perfect if you want to test out the process before spending any money, if it works then you can purchase a 3 year certificate. There are many suppliers out there but if you want to try this out there are many that offer a free cert for up to 90 days. Now you need to purchase your SSL Certificate. ![]() The mykey.pem is the key file which will be used once the cert arrives. The myreq.pem file is the request that will be sent to the CA ![]() You should now be back to the OpenSSL> prompt and you should have 2 files in your C:\openssl\bin folder Just hit enter if you want to skip this step. #Edit web portal bundle cisco wlc passwordYou can then specify a password if you want The common name is the DNS name that you have specified on the virtual interface of the wireless controller.Įmail Address: (Email of the person responsible for certificates) Orgainizational Unit Name: IT (I always put IT in here) Organization Name: (This is the name of the Company for which you need the certificate – you can get the exact information from the DNS lookup of the domain name of external facing internet. Sate or Province Name (I skipped this one) Now you need to enter the requested information Yours will be specific to your company. Req -new -newkey rsa:2048 -nodes -keyout mykey.pem -out myreq.pem -config C:\openssl\openssl.cnf #Edit web portal bundle cisco wlc fullThen run the command to generate the CSR again but this time specifying the full path to the openssl.cnf file To fix this you can download a sample openssl.cnf file from here. Unable to load config info from /user/local/ssl/openssl.cnf Req -new -newkey rsa:2048 -nodes -keyout mykey.pem -out myreq.pem Once you have installed OpenSSL navigate to where you have installed it – for me I put it in C:\opensslĬhange directory to /bin and then run openssl by typing openssl You can download Open SSL for Windows from here and for Linux from here #Edit web portal bundle cisco wlc windows 7(Refer to Cisco bug ID CSCti65315 – Need Support for certificates generated using OpenSSL v1.0).įor this tutorial I will be using version 0.9.8 and running it on windows 7 as it that is what I currently have installed on my laptop. OpenSSL Version 0.9.8 is the recommended version however, as of Version 7.5, support for OpenSSL Version 1.0 was also added. #Edit web portal bundle cisco wlc codeYou will need to ensure your wireless lan controller is running code version 5.1.151.0 or higher The first step in the process is to generate a Certificate Signing Request (CSR) which is what you send of to the Certificate Authority to purchase your signed certificate. #Edit web portal bundle cisco wlc installThis Tutorial will explain how to install a 3rd party ssl certificate on a cisco wlc for guest access. Or you can deploy a 3rd party certificate signed by a public certificate authority. You can either disable the https encryption (not a good idea) as this means any credentials used will be passed in clear text. You can accept the warning and carry on but this action concerns guest users. It provides SSL encryption between wireless clients and the WLC to protect Web Authentication credentials.Įnd users receive a Security Warning then accessing the Web Policy page on WLC (trying to get guest access) A self-signed certificate is installed on the WLC by default. The Cisco Wireless Lan Controllers have an internal https server which is enabled by default for web administration
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |