Guest

Preview Tool

Cisco Bug: CSCvv65304 - Regex update in CSCvu62127 fails on new cert subject format, cert re-program still required

Last Modified

Sep 23, 2020

Products (1)

  • Cisco Application Policy Infrastructure Controller (APIC)

Known Affected Releases

4.2(5k)

Description (partial)

Symptom:
Running 'acidiag verifyapic' on this newly received APIC with the previously identified cert subject difference will return "apic_cert_format_check: failed":

APIC1# acidiag verifyapic
openssl_check: certificate details
subject= serialNumber=PID:APIC-SERVER-L3 SN:XXXXXXXXXX,CN=XXXXXXXXXX
issuer= CN=Cisco Manufacturing CA,O=Cisco Systems
notBefore=Jul 14 03:00:39 2020 GMT
notAfter=May 14 20:25:41 2029 GMT
openssl_check: passed
openssl_check: certificate details
subject= /CN=XXXXXXXXXX/serialNumber=PID:APIC-SERVER-L3 SN:XXXXXXXXXX
Certificate doesn't match APIC format
apic_cert_format_check: failed        <<<<<<<<<<<<<<<<<<<

Conditions:
A newly received APIC-M3 or L3 failing discovery while on a version before 4.2(5k). They are told to upgrade to 4.2(5k) to account for the updated cert subject format.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.