Cisco Wireless Controller Certificate Renew⚓︎
A CSRs is required per controller as they have their own private keys which cannot be exported. The CN and SAN will be the same on both certs. Unfortunately this will come with additional cost, but without being able to export and share a private key this is the only option.
When submitting the CSRs to the Certificate Authority make sure you add a SAN manually to the request.
A command similar to
config certificate generate csr-webauth US State "My City" "My Company" My_OU guestwireless.company.com [email protected] RSA to create the Private and CSR. This process does not put any SANs in to the CSR, this will need to be done manually during CA submission.
The signed certificate needs to be returned to to the Cisco device in a pem format, with a .pem extension, and with the following format.
1 2 3 4 5 6 7 8 9
Confirmed working with:
- Cisco 5508