Describes how to install a custom Certificate SSL on your Cisco Wireless Controller to avoid HTTPS warnings
Why should you use a TSL/SSL certificate?
Before starting, why should you use a certificate? TLS/SSL certificates secure internet connections by encrypting your data. They ensure data is transmitted privately, without modification, loss, or theft. Adding a certificate to your WLC will provide a safer internet experience for your users.
Moreover, some browsers might block authentication on HTTP pages. Using a certificate will permit access to HTTPS pages, and your users will be able to authenticate.
Now, we can see how to add a certificate to your Cisco WLC.
Step 1: Configure a TFTP server:
First, you have to configure a TFTP server. (You can download an accessible TFTP Server by following this link)
Add the certificate to your TFTP-Root directory. This directory has to be the storage of the TFTP server.


TFTP server setup on Cloudi-Fi captive portal
Step 2: Download the SSL certificate to set the TFTTP IP address:
Then, on your WLC, go to Security Web Auth Certificate.
Click on « Download SSL Certificate.»
Set your TFTP server’s IP address, the certificate file name (don’t forget the filename extension « .pem ») and the certificate password.
(Your certificate has to be as described in this link: https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/109597-csr-chained-certificates-wlc-00.html)
(If you encounter some problems installing your certificate, you can follow this link: https://www.cisco.com/c/en/us/support/docs/wireless/wireless-lan-controller-software/215425-troubleshoot-certificate-installation-on.html)

You can press « Apply.» The certificate is downloaded on the controller.

Once the transfer is completed successfully, go to Controller Interfaces.
Select your virtual interface. Change the IP Address to « 192.0.2.2 » and the DNS Host Name to « login.3wi.fi ».

Step 3: Enable HTTP Access AND WebAuth SecureWeb
In Management > HTTP/HTTPS, Enable
- HTTP Access
- HTTPS Access
- HTTPS Redirection
- WebAuth SecureWeb
Step 4: Reboot your Controller
Now, you have to reboot your controller. The new certificate takes effect after that.
You can access the Cisco how-to Video and Solution Brief from the Cloudi-fi Cisco Partner page.