Cisco Bug: CSCur50946 - APs mfg in Aug./Sept./Oct. 2014 unable to join an IOS-XE controller
Jun 04, 2018
- Cisco 5700 Series Wireless LAN Controllers
Known Affected Releases
Symptom:An access point manufactured in August, September or October, 2014, may be unable to join an IOS-XE controller. AP console logs at the time will look similar to the following: *Oct 16 12:39:06.231: AP has SHA2 MIC certificate - Using SHA2 MIC certificate for DTLS. *Oct 16 13:14:56.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.255.4.3 peer_port: 5246Peer certificate verification failed FFFFFFFF *Oct 16 13:14:56.127: DTLS_CLIENT_ERROR: ../capwap/base_capwap/capwap/base_capwap_wtp_dtls.c:496 Certificate verified failed! *Oct 16 13:14:56.127: %DTLS-5-SEND_ALERT: Send FATAL : Bad certificate Alert to 10.255.4.3:5246 *Oct 16 13:14:56.127: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.255.4.3:5246 Conditions:AP was manufactured in August, September or October of 2014. IOS-XE controller/switch was manufactured in September of 2014, or later, and is running 3.6.0.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases