Cisco Systems OL-7426-03 Adding SSL to the Web User InterfaceAdding SSL to the Web User Interface

5/26/05 Adding SSL to the Web User Interface

OL-7426-03

Adding SSL to the Web User InterfaceAdding SSL to the Web User Interface

When you plan to secure the Cisco Wireless LAN Controller HTTP: Web User Interface using the https:

(HTTP + SSL) protocol, note that the Operating System automatically generates its own local Web

Administration SSL certificate and automatically applies it to the Web User Interface. Verify whether or

not the locally-generated Web Administration certificate is already loaded:

>show certificate summary

Web Administration Certificate................. Locally Generated

Web Authentication Certificate................. Locally Generated

Certificate compatibility mode:................ off

Continue with either of the following two sections:

•Locally-Generated Certificate or an

•Externally-Generated Certificate.

Locally-Generated CertificateLocally-Generated Certificate

Should you desire to have the Operating System generate a new Web Administration SSL certificate,

complete the following:

•In the CLI, enter:

>config certificate generate webadmin

Wait a few seconds, and the Cisco Wireless LAN Controller returns:

Web Administration certificate has been generated

•Verify that the Web Administration certificate is properly loaded:

>show certificate summary

Web Administration Certificate................. Locally Generated

Web Authentication Certificate................. Locally Generated

Certificate compatibility mode:................ off

•Enable Secure Web mode:

>config network secureweb enable

•Save the SSL certificate, key and secure web password in active working memory to NVRAM

(non-volatile RAM) so your changes are retained across reboots:

>save config

Are you sure you want to save? (y/n) y

Configuration Saved!

•Reboot the Cisco Wireless LAN Controller:

>reset system

Are you sure you would like to reset the system? (y/n) y

System will now restart!

The Cisco Wireless LAN Controller completes the bootup process as described in the Connecting

and Using the CLI Console step in the appropriate Cisco Wireless LAN Controller

Quick Start Guide.

•Make sure that operators using the Web User Interface know that they may securely log into

the Cisco Wireless LAN Controller using “https://<Cisco Wireless LAN Controller_IPaddress>.

Refer to the Transferring Files To and From a Cisco Wireless LAN Controller section for other file upload

and download instructions.