Guest

Preview Tool

Cisco Bug: CSCuq57822 - nginx HAP Reset When Custom Key Ring Configured

Last Modified

Mar 23, 2018

Products (1)

  • Cisco Application Policy Infrastructure Controller (APIC)

Known Affected Releases

1.0(1e)

Description (partial)

Symptom:
When a custom key ring is configured for HTTPS (GUI, API) access, switch nodes in the fabric may fail to boot properly.  The following output is seen on the console of the switch:

The console output after loading the image is:

*** Running INXOS PE IFC image  ***

User Access Verification
Restore Last Core[0]:
/bootflash/./sysmgrLcore_0x1b01_policy_mgr_log.4177.tar.gz
(none) login: Found card_index=21000
[   71.284872] nvram_klm wrote rr=16 rr_str=nginx hap reset to nvram
[   71.355709] obfl_klm writing reset reason 16, nginx hap reset
[   71.431847] Collected 8 ext4 filesystems 
[   71.479536] Freezing filesystems  
[   71.632409] Collected 1 ubi filesystems 
[   71.679079] Freezing filesystems  
[   71.719590] Done freezing filesystems  
[   71.765261] Putting SSD in stdby  
[   72.302056] Done putting SSD in stdby 0 
[   72.348723] Done offlining SSD 

After three (3) failed attempts to load the NX-OS image, the switch falls into the loader> prompt.

Conditions:
- APIC version 1.0(1e)
- NX-OS version 11.0(1b)
- Custom Key Ring configured and applied to HTTPS communication policy
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.