Chained Certificate Installation for Web Authentication on a WLC

Chained Certificate Installation Procedure

Question

What is the correct procedure to install a chained certificate (if multiple certification authorities are involved) when you do web authentication on a WLC?

Answers

Explanations


A. B. C. D. E.

E.

When multiple certification authorities are involved in web authentication on a WLC, a chained certificate is required. A chained certificate includes the device certificate, intermediate CA certificate(s), and root CA certificate.

The correct procedure to install a chained certificate when performing web authentication on a WLC depends on the WLC software version. However, here are the recommended steps to install a chained certificate:

  1. Obtain the device certificate, intermediate CA certificate(s), and root CA certificate from the respective certification authorities.

  2. Concatenate the device and intermediate CA certificates into one file along with the private key generated for the WLC CSR.

  3. Upload the chained certificate to the WLC through the Security > Web Auth > Certificate menu.

  4. Once the certificate is uploaded, ensure that the certificate chain is correct by checking the certificate details on the WLC.
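A pre-upload check for steps 2 and 4, added here as an example (not Cisco's tooling or code from the original page): it confirms that the concatenated file is ordered device certificate first, that the private key belongs to the device certificate, and that the chain validates against the root CA. The leaf-first ordering, the function names, the file names and the throwaway demo PKI are assumptions made for the example.

```shell
#!/usr/bin/env bash
# Added example: pre-upload sanity check of a WLC web-auth chain file.
# File names and certificate subjects are constructed for this demo.

make_demo_pki() {  # throwaway root -> intermediate -> device PKI in dir $1
  local d=$1 n
  for n in root int dev; do
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=demo-$n" \
      -keyout "$d/$n.key" -out "$d/$n.csr" 2>/dev/null || return 1
  done
  echo 'basicConstraints=critical,CA:TRUE' > "$d/ca.ext"
  openssl x509 -req -in "$d/root.csr" -signkey "$d/root.key" -days 2 \
    -extfile "$d/ca.ext" -out "$d/root.pem" 2>/dev/null &&
  openssl x509 -req -in "$d/int.csr" -CA "$d/root.pem" -CAkey "$d/root.key" \
    -set_serial 2 -days 2 -extfile "$d/ca.ext" -out "$d/int.pem" 2>/dev/null &&
  openssl x509 -req -in "$d/dev.csr" -CA "$d/int.pem" -CAkey "$d/int.key" \
    -set_serial 3 -days 2 -out "$d/dev.pem" 2>/dev/null
}

check_chain() {  # $1 = bundle (device cert, intermediates, key)  $2 = root CA
  local b=$1 root=$2 w n i
  w=$(mktemp -d) && n=$(grep -c 'BEGIN CERTIFICATE' "$b") || return 1
  [ "$n" -ge 2 ] || { echo "need device and intermediate certificates"; return 1; }
  # Split the bundle into c1.pem, c2.pem, ... in file order.
  awk -v d="$w" '/BEGIN CERTIFICATE/{n++; on=1} on{print > (d "/c" n ".pem")}
                 /END CERTIFICATE/{on=0}' "$b"
  # Order: each certificate must be issued by the one that follows it.
  for i in $(seq 1 $((n - 1))); do
    [ "$(openssl x509 -in "$w/c$i.pem" -noout -issuer_hash)" = \
      "$(openssl x509 -in "$w/c$((i + 1)).pem" -noout -subject_hash)" ] ||
      { echo "certificate $i is not issued by certificate $((i + 1))"; return 1; }
    cat "$w/c$((i + 1)).pem" >> "$w/inter.pem"
  done
  # The private key in the bundle must belong to the first (device) certificate.
  [ "$(openssl x509 -in "$w/c1.pem" -pubkey -noout)" = "$(sed -n \
    '/BEGIN.*PRIVATE KEY/,/END.*PRIVATE KEY/p' "$b" | openssl pkey -pubout 2>/dev/null)" ] ||
    { echo "private key does not match device certificate"; return 1; }
  # Path validation up to the root CA, which stays outside the bundle.
  openssl verify -CAfile "$root" -untrusted "$w/inter.pem" "$w/c1.pem" \
    >/dev/null 2>&1 || { echo "chain does not verify against root CA"; return 1; }
  echo "bundle OK: $n certificates, key matches device certificate"
}

demo=$(mktemp -d) && make_demo_pki "$demo" || exit 1
# Step 2 (order assumed): device cert, then intermediate, then the CSR's key.
cat "$demo/dev.pem" "$demo/int.pem" "$demo/dev.key" > "$demo/good.pem"
cat "$demo/int.pem" "$demo/dev.pem" "$demo/dev.key" > "$demo/swapped.pem"
check_chain "$demo/good.pem" "$demo/root.pem"
check_chain "$demo/swapped.pem" "$demo/root.pem" || echo "swapped order rejected"
```

A bundle built with the wrong key or with the certificates out of order is reported before anything is transferred to the controller.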

If the WLC software version is older, the following procedures may be used:

  • Option A: In the Security > Web Authentication menu, download first the root CA certificate, apply, then download the intermediate CA and then the device certificate. This procedure is applicable for WLC software version 7.0 and older.

  • Option B: Upload the WLC certificate through the Security > Web Authentication menu and the CA certificates by downloading with datatype Vendor CA Certificate. This procedure is applicable for WLC software version 7.2 and older.

  • Option C: Zip all the certificates and download them on the WLC as datatype WebAuth Bundle. This procedure is applicable for WLC software version 7.3 and older.

  • Option D: Only through command line with the command "transfer download data type webauth chained cert". This procedure is applicable for WLC software version 7.4 and older.

In summary, the recommended procedure to install a chained certificate when doing web authentication on a WLC is to concatenate the device and intermediate CA certificates into one file along with the private key generated for the WLC CSR and upload that file in the Security > Web Auth > Certificate menu. However, the procedure may vary depending on the WLC software version.