Link to home
Create AccountLog in
Avatar of operationsbze
operationsbze

asked on

importing an ssl certificate into WLAN Controller

I followed the recommended steps for generating a CSR for our WLC 4400, got all needed certs and combined them into the single chained cert but when i try to import the cert into the controller i get an error installing certificate.  please find the debug information below:
(Cisco Controller) >transfer download start                    

Mode............................................. TFTP  
Data Type........................................ Site Cert    
TFTP Server IP................................... 172.20.32.15
TFTP Packet Timeout.............................. 6
TFTP Max Retries................................. 10
TFTP Path........................................ /
TFTP Filename.................................... final-cert.pem

This may take some time.
Are you sure you want to start? (y/N) y
*TransferTask: May 13 18:19:15.445: Memory overcommit policy restored from 1 to 0

*TransferTask: May 13 18:21:13.219: Memory overcommit policy changed from 0 to 1

*TransferTask: May 13 18:21:13.368: RESULT_STRING: TFTP Webauth cert transfer starting.

*TransferTask: May 13 18:21:13.369: RESULT_CODE:1


TFTP Webauth cert transfer starting.
*emWeb: May 13 18:21:16.220: Still waiting!  Status = 2

*TransferTask: May 13 18:21:17.377: Locking tftp semaphore, pHost=172.20.32.15 pFilename=/final-cert.pem

*TransferTask: May 13 18:21:17.377: Semaphore locked, now unlocking, pHost=172.20.32.15 pFilename=/final-cert.pem

*TransferTask: May 13 18:21:17.377: Semaphore successfully unlocked, pHost=172.20.32.15 pFilename=/final-cert.pem

*TransferTask: May 13 18:21:17.378: TFTP: Binding to local=0.0.0.0 remote=172.20.32.15

*TransferTask: May 13 18:21:17.439: TFP End: 8632 bytes transferred (0 retransmitted packets)

*TransferTask: May 13 18:21:17.441: tftp rc=0, pHost=172.20.32.15 pFilename=/final-cert.pem
                                                                                                pLocalFilename=cert.p12

*TransferTask: May 13 18:21:17.441: RESULT_STRING: TFTP receive complete... Installing Certificate.


TFTP receive complete... Installing Certificate.
*TransferTask: May 13 18:21:17.441: RESULT_CODE:13

*emWeb: May 13 18:21:19.219: Still waiting!  Status = 2

*TransferTask: May 13 18:21:21.442: Adding cert (8564 bytes) with certificate key password.

*TransferTask: May 13 18:21:21.451: RESULT_STRING: Error installing certificate.


*TransferTask: May 13 18:21:21.451: RESULT_CODE:12

*TransferTask: May 13 18:21:21.452: ummounting: <umount /mnt/download/ >/dev/null 2>&1>  cwd  = /mnt/application

*TransferTask: May 13 18:21:21.495: finished umounting

*TransferTask: May 13 18:21:21.544: Memory overcommit policy restored from 1 to 0


Error installing certificate.
ASKER CERTIFIED SOLUTION
Avatar of rauenpc
rauenpc
Flag of United States of America image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
rauenpc is correct, OpenSSL version 0.9.8 is the only version which will generate the correct cert credentials.  It has been this way for some time!

I suspect it is a chaining issue.  This is worth noting...

https://supportforums.cisco.com/docs/DOC-16220

Also, this may help...

https://supportforums.cisco.com/thread/2114923


I'm assuming you're installing a cert for WebAuth?