Chapter 7 Controlling Lightweight Access Points
Autonomous Access Points Converted to Lightweight Mode
Authorizing Access Points Using LSCs
You can use an LSC if you want your own public key infrastructure (PKI) to provide better security, to have control of your certificate authority (CA), and to define policies, restrictions, and usages on the generated certificates.
The LSC CA certificate is installed on access points and controllers. You need to provision the device certificate on the access point. The access point gets a signed X.509 certificate by sending a certRequest to the controller. The controller acts as a CA proxy and receives the certRequest signed by the CA for the access point.
Note Access points that are configured for bridge mode are not supported.
Using the GUI to Configure LSC
Using the controller GUI, follow these steps to enable the use of LSC on the controller.
Step 1 Click Security > Certificate > LSC to open the Local Significant Certificates (LSC) page (see Figure
Figure 7-5 Local Significant Certificates (LSC) Page
Step 2 Click the General tab.
Step 3 To enable LSC on the system, check the Enable LSC on Controller check box.
Step 4 In the CA Server URL field, enter the URL to the CA server. You can enter either a domain name or an IP address.
Step 5 In the Params fields, enter the parameters for the device certificate. The key size is a value from 384 to 2048 (in bits), and the default value is 2048.
Step 6 Click Apply to commit your changes.
|
| Cisco Wireless LAN Controller Configuration Guide |
|
| |
|
|
| |||
|
|
|
| ||
|
|
|
|