Preview Tool

Cisco Bug: CSCvh73506 - CBR8 cant load the certificate from the Arris TG1652A

Last Modified

Nov 27, 2019

Products (1)

  • Cisco cBR Series Converged Broadband Routers

Known Affected Releases


Description (partial)

1. Some modems stuck in reject(pk) state in one LC.

2. below error messages on that LC after enable "debug cable privacy ca-cert":

CLC 6/0: Jan 26 20:16:10.369: CRYPTO_PKI: converting certificate to DER failed
CLC 6/0: Jan 26 20:16:10.369:  Could not PKI_AddPeerCertificate for 28c8.7aed.2e22

3. Active PKI session reach to the max 899:

Slot-9-0#show crypto pki counters
PKI Sessions Started: 2352
PKI Sessions Ended: 1453
PKI Sessions Active: 899
Successful Validations: 1429
Failed Validations: 0
Bypassed Validations: 0
Pending Validations: 0
CRLs checked: 0
CRL - fetch attempts: 0
CRL - failed attempts: 0
CRL - rejected busy fetching: 0
AAA authorizations: 0

This issue happens when some modems sends the bad certificate to cBR8.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.