Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

importing an ssl certificate into WLAN Controller

Posted on 2013-05-14
2
Medium Priority
?
2,836 Views
Last Modified: 2013-08-12
I followed the recommended steps for generating a CSR for our WLC 4400, got all needed certs and combined them into the single chained cert but when i try to import the cert into the controller i get an error installing certificate.  please find the debug information below:
(Cisco Controller) >transfer download start                    

Mode............................................. TFTP  
Data Type........................................ Site Cert    
TFTP Server IP................................... 172.20.32.15
TFTP Packet Timeout.............................. 6
TFTP Max Retries................................. 10
TFTP Path........................................ /
TFTP Filename.................................... final-cert.pem

This may take some time.
Are you sure you want to start? (y/N) y
*TransferTask: May 13 18:19:15.445: Memory overcommit policy restored from 1 to 0

*TransferTask: May 13 18:21:13.219: Memory overcommit policy changed from 0 to 1

*TransferTask: May 13 18:21:13.368: RESULT_STRING: TFTP Webauth cert transfer starting.

*TransferTask: May 13 18:21:13.369: RESULT_CODE:1


TFTP Webauth cert transfer starting.
*emWeb: May 13 18:21:16.220: Still waiting!  Status = 2

*TransferTask: May 13 18:21:17.377: Locking tftp semaphore, pHost=172.20.32.15 pFilename=/final-cert.pem

*TransferTask: May 13 18:21:17.377: Semaphore locked, now unlocking, pHost=172.20.32.15 pFilename=/final-cert.pem

*TransferTask: May 13 18:21:17.377: Semaphore successfully unlocked, pHost=172.20.32.15 pFilename=/final-cert.pem

*TransferTask: May 13 18:21:17.378: TFTP: Binding to local=0.0.0.0 remote=172.20.32.15

*TransferTask: May 13 18:21:17.439: TFP End: 8632 bytes transferred (0 retransmitted packets)

*TransferTask: May 13 18:21:17.441: tftp rc=0, pHost=172.20.32.15 pFilename=/final-cert.pem
                                                                                                pLocalFilename=cert.p12

*TransferTask: May 13 18:21:17.441: RESULT_STRING: TFTP receive complete... Installing Certificate.


TFTP receive complete... Installing Certificate.
*TransferTask: May 13 18:21:17.441: RESULT_CODE:13

*emWeb: May 13 18:21:19.219: Still waiting!  Status = 2

*TransferTask: May 13 18:21:21.442: Adding cert (8564 bytes) with certificate key password.

*TransferTask: May 13 18:21:21.451: RESULT_STRING: Error installing certificate.


*TransferTask: May 13 18:21:21.451: RESULT_CODE:12

*TransferTask: May 13 18:21:21.452: ummounting: <umount /mnt/download/ >/dev/null 2>&1>  cwd  = /mnt/application

*TransferTask: May 13 18:21:21.495: finished umounting

*TransferTask: May 13 18:21:21.544: Memory overcommit policy restored from 1 to 0


Error installing certificate.
0
Comment
Question by:operationsbze
2 Comments
 
LVL 20

Accepted Solution

by:
rauenpc earned 2000 total points
ID: 39165109
What version of OpenSSL did you use? I ran into an issue like this a month ago and it was because I was using a newer version of OpenSSL. According to TAC, only 0.9.8 is supported to created the certificate. Using 1.0+ for some reason doesn't work even though all the steps complete successfully when creating the cert. The TAC engineer went on to say that Cisco has submitted a bug report to OpenSSL, but at the moment there was no fix or estimated time for a fix.

If this is an OpenSSL version issue, you can use all the same files and just do the last couple steps to create the final cert.
0
 
LVL 47

Expert Comment

by:Craig Beck
ID: 39177605
rauenpc is correct, OpenSSL version 0.9.8 is the only version which will generate the correct cert credentials.  It has been this way for some time!

I suspect it is a chaining issue.  This is worth noting...

https://supportforums.cisco.com/docs/DOC-16220

Also, this may help...

https://supportforums.cisco.com/thread/2114923


I'm assuming you're installing a cert for WebAuth?
0

Featured Post

Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question