Cisco Bug: CSCvh73506 - CBR8 cant load the certificate from the Arris TG1652A
Nov 27, 2019
- Cisco cBR Series Converged Broadband Routers
Known Affected Releases
Symptom: 1. Some modems stuck in reject(pk) state in one LC. 2. below error messages on that LC after enable "debug cable privacy ca-cert": CLC 6/0: Jan 26 20:16:10.369: CRYPTO_PKI: converting certificate to DER failed CLC 6/0: Jan 26 20:16:10.369: Could not PKI_AddPeerCertificate for 28c8.7aed.2e22 3. Active PKI session reach to the max 899: Slot-9-0#show crypto pki counters PKI Sessions Started: 2352 PKI Sessions Ended: 1453 PKI Sessions Active: 899 Successful Validations: 1429 Failed Validations: 0 Bypassed Validations: 0 Pending Validations: 0 CRLs checked: 0 CRL - fetch attempts: 0 CRL - failed attempts: 0 CRL - rejected busy fetching: 0 AAA authorizations: 0 Slot-9-0# Conditions: This issue happens when some modems sends the bad certificate to cBR8.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases