Error installing 3rd party certificate on wism

Similar Messages

• 3rd party certificate on WiSM controllers

  Hi,
  On my corporate wireless net, there is an SSID to allow guests to reach the Internet. They receive a voucher with 1-day valid credentials and are asked to open a browser, which is redirected to a login page https://1.1.1.1/login.html.
  The controllers in the acnhor group have a 3rd party certificate installed. It is generated for a company URL like: guest.companyname.com
  So when the browser hits the login screen, it stops and issues a warning about receiving a valid certificate but for a different URL.
  We have an external DNS-record which resolves the company URL to 1.1.1.1.
  I see a possible solution, if the URL of the Internal (default) URL can be changed to https://guest.companyname.com/login.html because if this is keyed in manually, I receive the login page right away without warnings. This is obviously what we want the guest to see.
  The controllers run 7.0.230.0 software as well as the WLC.
  Hope someone has the simple answer to this???

  Putting 1.1.1.1 (VIP address) is a test to bypass the certificate.  It is pretty simple, if you have done it a hundred times.  But to start of from the basic, make sure that the user is being anchored to the guest wlc.  You should see an entry of the client on the guest anchor and the client should be in the WEBAUTH_REQD state until they go through the login proccess in which they will be in the RUN state.  If you don't , then I can see why the 3rd party certificate is not working.  SO you should see the client on the foreign and the anchor wlc.  Make sure of this first.
  Did you not restart the anchors when you put in the FQDN in the VIP?
  Thanks,
  Scott
  Help out other by using the rating system and marking answered questions as "Answered"

• Error installation 3rd party certificate on wlc for webauth

  i,
  I would like to install a web auth certificate on a 5508. Version 7.6.130
  Every time I get an error on web gui or cli like:
  Cisco Controller) >transfer download start
  Mode............................................. TFTP
  Data Type........................................ Site Cert
  TFTP Server IP................................... 10.1.126.100
  TFTP Packet Timeout.............................. 6
  TFTP Max Retries................................. 10
  TFTP Path........................................ /wlan/
  TFTP Filename.................................... final.pem
  TFTP Webauth cert transfer starting.
  *TransferTask: Oct 07 14:33:08.162: RESULT_CODE:1
  *TransferTask: Oct 07 14:33:12.165: Locking tftp semaphore, pHost=10.1.126.100 pFilename=/wlan/final.pem
  *TransferTask: Oct 07 14:33:12.249: Semaphore locked, now unlocking, pHost=10.1.126.100 pFilename=/wlan/final.pem
  *TransferTask: Oct 07 14:33:12.249: Semaphore successfully unlocked, pHost=10.1.126.100 pFilename=/wlan/final.pem
  *TransferTask: Oct 07 14:33:12.250: TFTP: Binding to remote=10.1.126.100
  *TransferTask: Oct 07 14:33:12.266: TFP End: 7959 bytes transferred (0 retransmitted packets)
  *TransferTask: Oct 07 14:33:12.266: tftp rc=0, pHost=10.1.126.100 pFilename=/wlan/final.pem
                                                                                                  pLocalFilename=cert.p12
  *TransferTask: Oct 07 14:33:12.266: RESULT_STRING: TFTP receive complete... Installing Certificate.
  TFTP receive complete... Installing Certificate.
  *TransferTask: Oct 07 14:33:12.266: RESULT_CODE:13
  *TransferTask: Oct 07 14:33:16.269: Adding cert (7895 bytes) with certificate key password.
  *TransferTask: Oct 07 14:33:16.309: RESULT_STRING: Error installing certificate.
  *TransferTask: Oct 07 14:33:16.309: RESULT_CODE:12
  Error installing certificate.
  What's funny, when I'm on a 2106 with the same certificate (Version: 7.0.250.0) install, everything works!
  Does anyone have an idea to solve this problem?
  Regards
  Juergen

  Hello, please check these links out and see if they help:
  https://supportforums.cisco.com/discussion/11376866/error-installing-certificate-help
  https://supportforums.cisco.com/discussion/12294996/web-auth-certificate-download-failed-install-certificate
  https://supportforums.cisco.com/blog/151061/generate-csr-third-party-cert-and-download-unchained-cert-wireless-lan-controller-wlc

• Installing 3rd party certificate in Cisco ASA

  Hi, 
  We have configured an CSR in Cisco ASA for 3rd party CA to generate the certificate, however, the CSR configuration was lost because of some reason.
  How can we install this certificate without the CSR in Cisco ASA.  Or we have to generate another certificate from CA, it will be chargebale for the new certificate.
  Anyone can help to advise ?
  Thanks
  Veon

  You don't need the CSR once you have received the certificate from the third party certificate vendor. Just upload the CA Root certificate and the identity certificate from the certificate vendor to the ASA.
  Here is configuration guide for your reference:
  http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808b3cff.shtml
  Hope that helps.

• N800 and Applicaion errors ( installing 3rd party)

  Any suggestions would be very helpful as I am fumbling my way though this as I am A windows man( no flaming please).
  Several pieces of software give me errors when I try to install them the errors look like this:
  Packages Missing: libc6 (>+2.520-1)
  libglib2.0-0 (>+2.12.12-losso3)
  libpango1.0-0(>+1.16.4)
  One program has 16 of these missing packages listed! Are these missing from the apps or are the missing from Maemo?
  I have tried to find these packags on line and from what little info I can find it seem to be part of Maemo.. I have the latest ver of Maemo for the N800 and most of the apps I am trying to install were written for Maemo on the n800...
  Help a brotha out.

  Just put your folders with loops anywhere you like on any mounted disk (though preferably not on the Desktop), then drag those folders from the Finder onto Logics' loop browser to have them indexed.

• How to request and install 3rd Party certificate on CAS servers 2010

  I have 6 CAS/HUB server installed in same AD site but located physcially at different locations. I need to renew the certificate on all of this servers. We are using Godaddy certificate. Could you please provide the steps to create CSR for all the CAS/HUB
  server and how to assign services and import on all the CAS/HUB servers.
  Service: IIS/Activesync/OWA/Autodiscover/SMTP/Outlook anywhere.
  Note: CAS/HUB is installed on the same server.

  Hi,
  Generally, to renew a certificate in Exchange server 2010, we can do these steps:
  1. Use the New-ExchangeCertificate cmdlet to generate a new certificate request:
  New-Exchangecertificate -domainname mail.domain.com, autodiscover.domain.com
  -generaterequest:$true -keysize 1024 -path "c:\Certificates\xxxx.req” -privatekeyexportable:$true –subjectname "c=US o=domain.com, CN=server.domain.com"
  2. Submit the certificate request to your chosen Certificate Authority(Godaddy), then the CA issues a certificate or chain of certificates.
  3. Install the issued SSL certificate on the Exchange 2010 server.
  Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path “c:\Certificates\xxxx.pfx” -Encoding byte -ReadCount 0))
  4. Assign the new SSL certificate to the appropriate services on the Exchange 2010 server.
  Enable-ExchangeCertificate -Server 'EXCH-H-868' -Services 'IMAP, POP, IIS, SMTP' -Thumbprint 'EDF57B5F9D81F1EC329BFB77ADD4465B426A40FB'
  5. Restart IIS service.
  Best Regards,
  Winnie Liang
  TechNet Community Support

• Exchange Server 2010 Edge Transport Subscription Issue while moving Internal CA Certificate to 3rd Party Certificate

  My Client have a Exchange 2010 Organization with Single Domain Single Forest.
  They were using Internal CA Certificate and a TLS Cert.
  As a POC we are doing a POC for Exchange 2010 Hybrid Office 365 Environment.
  For this 3rd Party CA is Mandatory and they have bought a Geo Trust Certificate.
  Now when they have installed cert on both HUB as well as EDGE servers, he was prompted to do edge subscription again.
  HUB and CAS are combined on the server at both Main and DR Site.
  When they try to do edge subscription again they are getting the following error.
  SYED WASIL UDDIN Infrastructure Consultant/System Engineer Premier Systems (Pvt.) Ltd.

  I was finding out the solution and got this.
  1-Certificate will import on both EDGE and HUB Servers.
  2-Edge Sync will use Self-Sign Certificate (but I an unable to find how do I configure this)
  3-some communication between Edge and Hub will be encrypted via 3rd party Certificate.
  Could anyone suggest, which services on HUB must based in this 3rd party cert.
  All the external communication must be encrypted via 3rd party CA and communication between HUB-EDGE will set on self-sign Cert. How do I do this.
  SYED WASIL UDDIN Infrastructure Consultant/System Engineer Premier Systems (Pvt.) Ltd.
  Hi,
  Please run Get-ExchangeCertificate | fl to check your Exchange certificate settings. Also confirm if the 5E470560626E313646730C177FCA66728E2BAFF7 certificate is your trusted 3rd party cert.
  Please use Enable-ExchangeCertificate cmdlet to assign SMTP service to your self-signed certificate in your Edge server.
  Regards,
  Winnie Liang
  TechNet Community Support

• Install third party certificate on MAC os X

  Hello,
  I have installed leport 10.5.X on my machine. I am new bie for MAc and want to install intermediate certificate for my domain from Digicert. I have registered from Digicsert. Please help me to how can I install on the machine. I also need to create a new certificate but when I tried to add it shows an error message like this.
  "There are no valid root or intermediate certificate authorities available to sigh certificates. Use the "create certificate Authority" option to create a certificate authority."
  Can anybody please help me to what should be the next step.
  And how can I install third party certificate.
  Thanks in advance.

  There is a product called VolumeWorks that is supposed to do this. I looked at the demo, but I could not get it to see the extra space so I ended up backing it all up and erasing the Raid and doing a block copy with Carbon Copy Cloner.

• WLC526 install third party certificate

  Hi!  I would like to install a 3rd party certificate to get rid of the certificate warning for my web authenticated users. Can´t find any documentation about this. Has anyone done this on a 526 express controller? Is it possible?
  Martin

  Hi,
  How do you export the certificate from ServerA and import it to ServerB? Does the certificate in ServerA work well?
  Please refer to the following article to make sure your certificate exporting and importing for multiple server using is doing correctly:
  http://exchangeserverpro.com/exchange-2013-ssl-certificate-export-import/
  Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information
  found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
  If the exporting and importing steps are correct and the issue persists, please run the following command to check your certificates settings:
  Get-ExchangeCertificate | FL
  Thanks,
  Winnie Liang
  TechNet Community Support

• Farm member not using 3rd party certificate

  I have a Microsoft server 2008 R2 RDS farm using a broker and NLB farm nodes.
  In the farm member node ( not the broker ), I open  “Remote Desktop Session Host Configuration” tool I selected “member of farm RD Connection Broker” and in the “general” tab under the “certificate” section I clicked “select” and picked the 3rd party
  Certificate.
  This is a Farm member. When I use a rdp client to go to farmName.domain.com I get a pop up with a certificate error and it shows the certificate as serverName.domain.com and not the name in the “farm” certificate.
  How can I troubleshoot this issue.

  Hi,
  Iniitally seems the certificate is not from valid trusted authority. So please check the trusted authority. Apart there is mismatch in certificate name with server name. 
  The name in the Subject line of the server certificate (certificate name, or CN) must match the FQDN, or the DNS name that the client uses to connect to the RD Gateway server, unless you are using wildcard certificates or the SAN attributes of certificates.
  If your organization issues certificates from an enterprise certification authority (CA), a certificate template must be configured so that the appropriate name is supplied in the certificate request. 
  The certificate must be trusted on clients. That is, the public certificate of the CA that signed the RD Gateway server certificate must be located in the Trusted Root Certification Authorities store on the client computer.
  In addition, please check beneath article for reference.
  Configuring Remote Desktop certificates
  http://blogs.msdn.com/b/rds/archive/2010/04/09/configuring-remote-desktop-certificates.aspx
  Hope it helps!
  Thanks.
  Dharmesh Solanki
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• Install 3rd party PDF iFilter for index PDF file as attachment in e-mail (msg)

  I have called Microsoft Permium Support, base on the reply, SharePoint 2013 does not support to index a PDF file attachment in E-mail (msg) except 3rd party iFilter installed. And they finally told me how to edit Windows Registry for install the Adobe iFilter.
  But, the Adobe iFilter is too weak to call large PDF files. So, I would like to install and try the Foxit PDF iFilter, but I cannot find an installation guide for this 3rd party ifilter with SharePoint 2013. 
  Does anyone here have the experience for Foxit PDF iFilter with SharePoint 2013 can help me?
  I am not sure it is bug or feature in SharePoint 2013, but in case I still have to install 3rd party iFilter for index PDF file. I have no idea what is the out of box pdf file indexing support for.

  You ca plan to use Foxit. 
  steps are nearly the same which we use in sharepoint 2013
  1. We need to update registry for pdf . Registry value is {987f8d1a-26e6-4554-b007-6b20e2680632}
  2. we need to install the foxit ifilter
  Here are steps for same
  http://support.microsoft.com/kb/2293357
  3. run below command:
  net stop spsearch4
  net start spsearch4
  net stop osearch14
  net start osearch14
  Check below:
  http://bjarnegram.wordpress.com/2011/07/13/installing-foxit-pdf-ifilter-on-sharepoint-server-2010/

• WLC5760 - CSR request for 3rd party certificate

  I need to generate a CSR request to obtain a 3rd party certificate for my WLC.
  i am not sure how i can do that. all document availble are for wlc 4400.
  let me know if the same process will apply to wlc5760 as well.

  Thanks Matteo,
  I managed to get it done, Yes I used OpenSSL to generate CSR.
  Here what I have learnt about it, including WebAuth Cert installation on 5760. This may be useful to someone else.
  http://mrncciew.com/2014/07/30/5760-webauth-certificates/
  HTH
  Rasika
  **** Pls rate all useful responses ****

• PKI setup using 3rd party certificates

  I want to configure SCCM in our environment using are existing certificate creation infrastructure. I do not want to use Microsoft Certificate services. Instead I'd rather use our OpenSSL solution. However I cannot find good documentation to work with using
  3rd party certificates. Everything is related around Microsoft's certificate services.
  Has anyone had any luck implementing SCCM in this manor? Documentation available to aid?

  So we are planning to setup https across the board and going through the blogs and TechNet article - I see that internal PKI is a requirement and you just cannot do away with 3rd party/external certificate, correct ??
  I am working on a scenario where the customer does not want to implement internal PKI but use external certificate either by GoDaady or Thawte or VeriSign where possible at all times but looks like you can't use the external certificate to act as ConfigMgr
  Web Certificate or ConfigMgr DP Cert?
  given the following scenario
  https://social.technet.microsoft.com/Forums/en-US/ac34ebdf-c932-4075-b4a3-ebe572ffab0e/scenario-multi-tenant-configmgr-2012-r2-and-same-ip-address-range-for-multiple-customer?forum=configmanagerdeployment#868600a8-e8eb-471a-b767-761305636041
  for clients to communicate to DP's/Secondary Sites configured in HTTPS, we still need internal PKI ?
  I guess the answer is yes to all.. but just confirming :)

• Cisco IOS CA using 3rd Party Certificate

  Hi,
  Can I use 3rd Party certificate such as verisign, on Cisco IOS CA ? All i can see on cisco.com is self-signed certificate from router.
  Thanks
  -santo-

  Santo,
  That's fair enough. A key information to make sure customers understand that a private PKI infrustructure is (for the purpose of deployment such as GETVPN) as secure as provided by third part party.
  Private PKI is not based on self signed certificates - only the root CA might need something like it :-)
  That being said, for reliability and flexability I really suggest storing CA (ser, CRL, OCSP, backup of public/private keys) files on storage external to the router.
  Key takeway is that a properly managed private PKI solution for deployments like DMVPN/GETVPN others is as secure as external 3rd party services (and often time order of magnitude cheaper).
  M.

• Prevent shockwave player from trying to install 3rd party software?

  I am a sysadmin for a relatively small-ish enterprise (around 50-ish PCs).  We have scripts which push out shockwave player to all our systems but when a user loads a page which requires shockwave, they get a UAC prompt because the player is trying to install 3rd party software (usually Google Chrome browser).  How do I stop this from happening?  Is there a command line argument I can set (preferable method) or some other centrally-managed method for turning this off?  Thanks in advance.
  M

  I guess I am not explaining myself very well. 
  I am currently using the EXE full installer from the distribution page.  The installation works very well and I can get it to run in "silent" mode to avoid interaction with the user.  Once the installation finishes, and I load a web page which requires Shockwave player, I get prompted at that point to download/install Chrome.  That is the part I would like to know if it's possible to stop, because all our users are getting UAC prompts and it's always because Shockwave wants to run some installer after loading.  I had hoped that going to the distribution version (as opposed to the straight download from the Adobe.com home page) would resolve this but they seem to be the same version, which makes me wonder why I bothered to sign up for it in the first place.