Externally-Generated Certificate
Should you desire to use your own Web Administration SSL certificate, complete the following:
•Make sure you have a TFTP server available for the certificate download:
-If you are downloading through the Service port, the TFTP server MUST be on the same subnet as the Service port, because the Service port is not routable.
-If you are downloading through the DS (Distribution System) network port, the TFTP server can be on the same or a different subnet, because the DS port is routable.
Note: The TFTP server cannot run on the same computer as the Cisco Wireless Control System, because the Cisco WCS and the TFTP server use the same commu- nication port.
CAUTION: Each certificate has a
•Buy or create your own Web Administration SSL key and certificate. If not already done, use a password, <private_key_password>, to encrypt the key and certificate in a .PEM encoded file. The
•Move the <webadmincert_name>.pem file to the default directory on your TFTP server.
•Refer to the Using the Cisco WLAN Solution CLI section to connect and use the CLI.
•In the CLI, use the transfer download start command, and answer ‘n’ to the prompt, to view the current download settings:
>transfer download start
Mode | TFTP |
Data Type | Admin Cert |
TFTP Server IP | xxx.xxx.xxx.xxx |
TFTP Path | <directory path> |
TFTP Filename |
|
Are you sure you want to start? (y/n) n |
|
Transfer Canceled |
|
•To change the download settings, use the following:
>transfer download mode tftp
>transfer download datatype webauthcert
>transfer download serverip <TFTP server IP address>
>transfer download path <absolute TFTP server path to the update file> >transfer download filename <webadmincert_name>.pem
Note: Some TFTP servers require only a forward slash “/” as the <TFTP server IP address>, and the TFTP server automatically determines the path to the correct directory.
5/26/05 | Adding SSL to the Web User Interface |
|
