---

@Marc.williams.msu wrote:
NCSW32001 Image with extension .bin not recommended for Stack Device Upgrade. Please use image with .tar extension for Stackable Device

---

This error message means someone tried to add, into the Image Repository, a filename with an extension of BIN.  The error message would also include the recommendation to use the supported file extension of TAR.  

i had this same error today. The workaround for me was to delete imported .bin file and import the .tar file and mark it as golden image (can't import both for same device model). I could launch the distribution without error but it took so much time that I had multiple distribution timeouts (after almost 2h of distributing the image via SCP). SO I think there is an issue with dna center pushing .tar 2960x stack images.

It takes a lot of time and causes CPU to rise up to 99% because of the "archive" command initiated by DNAC.

I put my error messages in description if someone can help.

"no-set-boot" + "leave-old-sw" is a recipe for a disaster.  

What are the chance that the new IOS will be "above" the old IOS?  With "no-set-boot", that gives each individual switch to boot the first IOS it can find from the flash, from top to bottom.  If the old IOS is "above" the new IOS, the switch will boot the old IOS (because of "no-set-boot").  

I understand but the command was automatically issued by DNAC during the upgrade process, I discovered it at the same time I red the error message. 
I will be glad if you know if it’s possible to customize this part. 
In my understanding, you can just choose the golden image, customize checks, and DNAC handles the rest.

---

@adams pro wrote:
I will be glad if you know if it’s possible to customize this part. 

---

I do not because I (would) never use DNAC to update the firmware of my routers, switches and WLC.  We do not want to take chances of our appliances booting into ROMMON because DNAC made a mistake.   We've made that mistake twice before and the price to pay was eye-watering.  

DNAC is not geared for upgrading classic IOS.  

I had this exact thing happen to me last night, including that CPU spike to 99% (never got the chance to check that archive command and if it was issued though). It was painfully slow using distributing via SCP. Mine thankfully didn't time out like yours and was able to successfully push via SCP. In the upgrade readiness report, it was displaying HTTPs transfer wasn't going to work due to the certificate/not being able to reach DNA via HTTPs (see image)

I tried everything on this link, but am still getting errors even after reinstalling the certificate... even the copy of the .png they reference is still not working, and I am getting the IO error. Very strange...

https://www.cisco.com/c/en/us/support/docs/cloud-systems-management/dna-center/220990-troubleshoot-https-error-in-dna-center-f.html#toc-hId-2753662

Please let me know if you have any updates or if you get things successfully working and I'll do the same! Good luck!