If wanting to keep the admin webpage interface access enabled long-term, then should utilize a secure profile with TFTP
encryption enabled.
For out of box (factory reset), will need to ensure the date and time is configured correctly.
Can set the Date & Time by syncing to the local machine or setting the Date & Time manually.
Can utilize either the internal Manufacturing Installed Certificate (MIC) or a custom User Installed certificate to be used as the
User Certificate for EAP-TLS.
Manufacturing Installed Certificate (MIC)
The pre-installed Manufacturing Installed Certificate (MIC) can be used as the User Certificate for EAP-TLS.
The MIC's CA chain must be exported and added to the RADIUS server's trust list if wanting to use the MIC as the User
Certificate for EAP-TLS.
Click Export to download the root and sub CA certificates from the admin webpage interface.
User Installed Certificate
To manually install a user certificate for EAP-TLS, select Install for User Installed on the main certificates webpage.
Select Browse to point to the user certificate in PKCS #12 format (.p12 or .pfx).
Enter the Extract password (up to 12 characters), then select Upload.
Ensure the CA chain that issued the user certificate is added to the RADIUS server's trust list.
Cisco IP Phone 8861 and 8865 Wireless LAN Deployment Guide
155