Monday, February 8, 2021

Bulk Update WLC WebAuth Certificate

It's that time again. I’m updating the webauth cert for a good number of WLCs. The newer WLC code has an option to generate a certificate signing request directly from the WLC. While that option is great for a single WLC, it is cumbersome repeating the process to update a large number of WLCs. Instead, I'll trade off by spending more time upfront preparing one certificate file I can use on all of the WLCs. I’m going with the good 'ole OpenSSL method to generate a CSR for a wildcard cert. I’ll have it signed by a public CA, combine the device cert, intermediate CA cert, and root CA cert. Then I’ll massage it with OpenSSL to include the private key (created by OpenSSL during the CSR process). That version of the certificate file will then be uploaded to all of the different WLCs in the organization.


The Tech Note write-up from Cisco with the specific CLI commands for OpenSSL is at the following URL.


https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/109597-csr-chained-certificates-wlc-00.html


Document Name: Generate CSR for Third-Party Certificates and Download Chained Certificates to the WLC


Document ID: 109597

No comments:

Post a Comment

Integrating WebEx Calling and Communications Manager Express 2/2

This is the second post in the two post series. It will go into more detail on the configuration of the solutions and workarounds put in pla...