Cisco WLC AP 1240 series – cert issue

Thanks to cjcott01 and his article „Cisco WLC AP cert issue: %DTLS-3-HANDSHAKE_FAILURE“  we could quickly solve the issue, where Cisco EoL AP 1240 series disassociated with wireless controller, based on an expired certificate on the ap.

Logs wihich can be seen within WLC:

*spamApTask2: Aug 08 09:40:27.824: #DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:823 Failed to complete DTLS handshake with peer xx.xx.xx.xx
*spamApTask4: Aug 08 09:40:21.927: #DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:823 Failed to complete DTLS handshake with peer xx.xx.xx.xx
*spamApTask4: Aug 08 09:40:05.573: #DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:823 Failed to complete DTLS handshake with peer xx.xx.xx.xx

Solution on WLC within CLI:
config ap cert-expiry-ignore mic enable

Import is, that this command is only available after 8.0.133.0, we upgraded to 8.0.152.0 which is recommended at the moment. A few more details can be found within cj’s article.

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.