Guest

Preview Tool

Cisco Bug: CSCvs09716 - Cisco AP is not handling EXPIRE_MIC_PAYLOAD message

Last Modified

Aug 12, 2020

Products (1)

  • Cisco Aironet 1850 Series Access Points

Known Affected Releases

8.10(109.5)

Description (partial)

Symptom:
11AX SUDI 99 supported AP is not joining to AireOS WLC if old cert RSA expired

Conditions:
Steps:-
1- Connected one 11AX ap to WLC (v8.10.109.5).
2- Changed the WLC time (year 2030) to past RSA cert expired date ( which is 2019).
3- AP got synced with WLC above configured time.
4- Reload the AP.

Expected behaviour :
After reload AP will try to use RSA cert which is expired and will not join in 1st attempt, then it will fall back to HARSA (SUDI 99) and should join the WLC.

Actual Result:
AP is not able to join WLC  with HARSA cert after multiple attempt .

Attached WS log, WLC PM PKI DEBUG log, AP CLI log.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.