05-05-2013 04:58 AM - edited 03-10-2019 08:23 PM
Hi all,
I'm trying to configure Wireless access with 802.1x EAP-TLS computer authetication with digital certificates but it doesn't work.
It works on ACS 4.2.
The message is ACS doesn't known CA but it is correctlry configured.
I have an accss policy "WiFi" with Identity Store AD1. I also tried to configure CN, SAN and a lot of Identity Store Sequences, same results.
At the time of authentication I also see this log message:
Encountered invalid or null system message | CSCOacs_Internal_Operations_Diagnostics | 31201 |
I could be related to?
Anyone may help me?
thx,
Andrea
Solved! Go to Solution.
05-05-2013 12:21 PM
I see, the certificates installed were already expired.
Regarding your second issue, where you are seeing an error. I suspect a defect.
CSCtw48906 Error due to an empty message (Vector /buffer), sent to runtime process
Symptom: Error message is seen inlogs: ERROR Encountered invalid or null system message CSCOacs_Internal_Operations_Diagnostics 31201
Conditions: ACS 5.2
Workaround: The issue is cosmetic. This message can be ignored.
As per dev's this error occors when an empty message (Vector /buffer) that was sent to runtime over the Message Bus, and it seems to be 'cosmetic' issue.
In the defect, the debugs are attached. If you wish, you may turn on the runtime logs at debbuging level and match the symptoms.
Here are the steps to generate support bundle.
acs/admin# acs-config
Escape character is CNTL/D.
Username: acsadmin
Password:
acs/admin(config-acs)#
Set logging to debug mode,.
acs/admin(config-acs)# debug-log runtime level debug
acs/admin(config-acs)#exit
Collect the support bundle after reproducing the issue.
Jatin Katyal
- Do rate helpful posts -
05-05-2013 06:01 AM
Do we have patch 2 appiled on it?
Could you please share the exact error message you are getting on ACS?
Do we have the complete chain installed on the ACS (including internediate or subordinate cert, if any)
Jatin Katyal
- Do rate helpful posts -
05-05-2013 10:17 AM
After 3 days I'm crazy I found the issue causing authentication fail. Some stupid people still using older CA tha should be dismissed 2 years ago.
I still have error 31201 and I have patch 2
05-05-2013 12:21 PM
I see, the certificates installed were already expired.
Regarding your second issue, where you are seeing an error. I suspect a defect.
CSCtw48906 Error due to an empty message (Vector /buffer), sent to runtime process
Symptom: Error message is seen inlogs: ERROR Encountered invalid or null system message CSCOacs_Internal_Operations_Diagnostics 31201
Conditions: ACS 5.2
Workaround: The issue is cosmetic. This message can be ignored.
As per dev's this error occors when an empty message (Vector /buffer) that was sent to runtime over the Message Bus, and it seems to be 'cosmetic' issue.
In the defect, the debugs are attached. If you wish, you may turn on the runtime logs at debbuging level and match the symptoms.
Here are the steps to generate support bundle.
acs/admin# acs-config
Escape character is CNTL/D.
Username: acsadmin
Password:
acs/admin(config-acs)#
Set logging to debug mode,.
acs/admin(config-acs)# debug-log runtime level debug
acs/admin(config-acs)#exit
Collect the support bundle after reproducing the issue.
Jatin Katyal
- Do rate helpful posts -
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide