User guide

ManualsBrandsCisco ManualsComputer equipmentCisco Wireless LAN Controller 4100

191

192

193

194

195

196

197

198

199

200

7-15

Cisco WLAN Controller Web Interface User Guide

OL-7416-04

Chapter 7 Management Menu Bar Selection

HTTP Configuration

Use MANAGEMENT > HTTP to navigate to this page.

This page allows you to enable or disable Web Mode or Secure Web Mode.

• HTTP Access: This is the HTTP Web User Interface which is accessible using a login and

password. If you disable HTTP Web Mode, you need Secure Web Mode enabled, or must use the

CLI or Cisco Wireless Control System interface to configure the controller. If you disable Web

Mode and Secure Web Mode, and must use the CLI interface to configure the controller.

• HTTPS Access: This is the HTTPS Secure Shell (SSL) interface accessible using secure certificate

authentication (configured below). If you disable HTTPS Secure Web Mode, you need Web Mode

enabled or need to use the CLI or Cisco Wireless Control System interface to configure the

controller.

• Current Certificate Information. This consists of Name, Type, Serial Number, Valid, Subject

Name, Issuer Name, MD5 Fingerpoint, and SHA1 Fingerpoint.

• Download SSL Certificate: Use to download an SSL Web Admin Certificate from a local TFTP

server. Select the Download SSL Certificate checkbox to display the following entries:

–

Server IP Address: The IP address of the local TFTP server.

–

Maximum Retries: Maximum number of times each download can be attempted.

–

Timeout: The amount of time allowed for each download.

–

Certificate File Path: Usually either \ or /, as most TFTP servers automatically determine the

path to their default file location. Otherwise, the TFTP server absolute file path.

–

Certificate File Name: The Web Administration Certificate filename in encrypted .PEM

(Privacy Enhanced Mail) format.

–

Certificate Password: To decrypt the SSL Web Admin Certificate, enter the SSL certificate

password.

Note The TFTP server cannot run on the same computer as the Cisco WCS, because the Cisco WCS and the

TFTP server use the same communication port.

Caution Each certificate has a variable-length embedded RSA Key. The RSA key length varies from 512 bits,

which is relatively insecure, to thousands of bits, which is very secure. When you are obtaining a new

certificate from a Certificate Authority (such as the Microsoft CA), MAKE SURE the RSA key

embedded in the certificate is AT LEAST 768 Bits.

Click Apply and Ye s to download the SSL Web Admin Certificate. The Operating System informs

you of the file transfer and the Certificate installation progress.

The SSL password decrypts the certificate, and the certificate is used for Secure Web Mode access when

activated.

Note The controller must be rebooted with save after the SSL Certificate is changed.