已解决: FMC Download Updates Failed

Sunlight1508 · ‎03-02-2021

各位老师，今天在检查FMC上Firepower安全模块更新状态时发现有好久没有更新了，手动更新时出现如下报错：
‘Download updates failed：peer certificate cannot be authenticated with known CA certficates’
我的FMC版本为6.2.3，License状态也都正常，不知道怎么会出现该报错，应该怎么解决，还请了解的老师不吝赐教，感谢！！！

Rps-Cheers · ‎03-02-2021

F.Y.I
software update downloads by Firepower failing due to newer CA certificates not being present
CSCvm03931
Description
Symptom:
Downloads of software updates (system software, VDB, GeoDB, and SRU) may fail with the following error message:
Peer certificate cannot be authenticated with known CA certificates
Conditions:
The use of any of the following Firepower management platforms to download (manually, or automated / scheduled task) software updates from Cisco directly to the Firepower appliance:
Firepower Management Center
Firepower 7000/8000 Series
ASA with Firepower Services, managed locally (on-box) via ASDM
Firepower Device Manager
Workaround:
Manually download software updates from cisco.com, and then manually upload the update files to the Firepower appliance / management platform.
Further Problem Description:
Known Affected Releases: (9)
5.4.0
5.4.1
6.0.0
6.0.1
6.1.0
6.2.0
6.2.2
6.2.3
6.3.0
Known Fixed Releases: (6)
6.3.0
6.2.3.7
6.2.2.5
6.1.0.7
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03931/?rfs=iqvred

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !

在原帖中查看解决方案

Rps-Cheers · ‎03-02-2021

F.Y.I
software update downloads by Firepower failing due to newer CA certificates not being present
CSCvm03931
Description
Symptom:
Downloads of software updates (system software, VDB, GeoDB, and SRU) may fail with the following error message:
Peer certificate cannot be authenticated with known CA certificates
Conditions:
The use of any of the following Firepower management platforms to download (manually, or automated / scheduled task) software updates from Cisco directly to the Firepower appliance:
Firepower Management Center
Firepower 7000/8000 Series
ASA with Firepower Services, managed locally (on-box) via ASDM
Firepower Device Manager
Workaround:
Manually download software updates from cisco.com, and then manually upload the update files to the Firepower appliance / management platform.
Further Problem Description:
Known Affected Releases: (9)
5.4.0
5.4.1
6.0.0
6.0.1
6.1.0
6.2.0
6.2.2
6.2.3
6.3.0
Known Fixed Releases: (6)
6.3.0
6.2.3.7
6.2.2.5
6.1.0.7
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03931/?rfs=iqvred

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !

Sunlight1508 · ‎04-07-2021

1540488497lcj 发表于 2021-3-2 18:00
F.Y.I
software update downloads by Firepower failing due to newer CA certificates not being prese ...

后面给FMC系统版本升级到了6.6.1，可以更新了

Rps-Cheers · ‎04-08-2021

可以的，赞！

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !