%DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:988 Failed to complete DTLS handshake with peer 
10.1.1.29
*spamApTask3: Jan 01 04:29:08.985: %SSHPM-3-GENERIC_CERT_ERROR: sshpmPkiApi.c:2237 Certificate validation failed! Reason Cisco user certificate not verified by cisco root., Certificate type : MIC, Certificate issuer :Cisco Certificate
ap关联失败wlc失败,日志是这个。看了下高手,觉得应该是wlc时间设置问题。那问题来啦,wlc强调时间,是和ap时间一样呢,还是要干嘛。wlc又不需要联网,不需要天天去和世界时间一样吧
10.1.1.29*spamApTask3: Jan 01 04:29:08.985: %SSHPM-3-GENERIC_CERT_ERROR: sshpmPkiApi.c:2237 Certificate validation failed! Reason Cisco user certificate not verified by cisco root., Certificate type : MIC, Certificate issuer :Cisco Certificate
ap关联失败wlc失败,日志是这个。看了下高手,觉得应该是wlc时间设置问题。那问题来啦,wlc强调时间,是和ap时间一样呢,还是要干嘛。wlc又不需要联网,不需要天天去和世界时间一样吧
1 个已接受解答
已接受的解答
jinmaichen 发表于 2019-9-28 12:03
我在官网上,查不到ap证书的有效性。是不是只能进入登录上ap看的
每个ap的证书(MIC)有效期是不一致的。只能登陆到ap上查看
命令: show crypto pki cert//图1 为C1142,图2为 C3702 最后的文本是另一台3702的show结果
Certificate
Status: Available
Certificate Serial Number (hex): 4BF1E92000000001F65B
Certificate Usage: General Purpose
Issuer:
cn=Cisco Manufacturing CA SHA2
o=Cisco
Subject:
Name: AP3G2-cc46d67eb240
e=support@cisco.com
cn=AP3G2-cc46d67eb240
o=Cisco Systems
l=San Jose
st=California
c=US
CRL Distribution Points:
http://www.cisco.com/security/pki/crl/cmca2.crl
Validity Date:
start date: 05:31:41 UTC Nov 11 2015
end date: 05:41:41 UTC Nov 11 2025
Associated Trustpoints: Cisco_IOS_M2_MIC_cert
Storage:
