Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1061
Views
0
Helpful
4
Replies

WLC DNA TLS error Network Assurance

netops4
Level 1
Level 1

‎01-16-2023 01:52 AM

On changing from the default certificate on our DNA center to a signed certificate by our internal CA assurance data is no longer received. We followed the Cisco's DNA Center hardening guide for certificate creation.

We have tried many things to resolve the issue including deleting all the assurance config from the WLC, removing it from DNA and putting it back in and a Force Update for telemetry.

Each time we seem to run into a TLS error.

{pubd_R0-0}{1}: [pubd] [1330]: (note): CNDP_MGR:conn_id[]TLS handshake failure [SSL error]
2023/01/16 09:33:11.907702 {pubd_R0-0}{1}: [pubd] [1330]: (note): CNDP_MGR:conn_id[]TLS ECODE[SSL error]
2023/01/16 09:33:11.907337 {pubd_R0-0}{1}: [pubd] [1330]: (note): CNDP_MGR:conn_id[]Resume TLS Handshake

Does anyone have any suggestions on what the issue can be.

Labels:
0 Helpful
4 Replies 4

marce1000
Hall of Fame
Hall of Fame

‎01-16-2023 02:10 AM

 

              -  What is the WLC model and software version ?

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

netops4
Level 1
Level 1
In response to marce1000

‎01-16-2023 05:50 AM

Hi it's a C9800 running  17.3.

0 Helpful

marce1000
Hall of Fame
Hall of Fame
In response to netops4

‎01-16-2023 06:15 AM

 

 - Could be a bug , you may want to look into : https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/214749-tac-recommended-ios-xe-builds-for-wirele.html , but going beyond 17.3.x is only possible if you no longer have older access point models.


                - You may find the following commands useful for debugging telemetry issues in general :

                 show telemetry ietf subscription all 
                 show telemetry ietf subscription 23 detail
                 show telemetry internal subscription all stats
                 show telemetry internal connection 1 detail   (e.g.)
                 show telemetry ietf subscription configured
                 show iox detail

M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

netops4
Level 1
Level 1

‎01-16-2023 05:52 AM

Also DNAC is on 2.3.4

0 Helpful
Top