Solved: ACS 5.4 EAP-TLS: Encountered invalid or null system message CSCOacs_Internal_Operations_Diagnostic...

a.medusei · ‎05-05-2013

Hi all,

I'm trying to configure Wireless access with 802.1x EAP-TLS computer authetication with digital certificates but it doesn't work.

It works on ACS 4.2.

The message is ACS doesn't known CA but it is correctlry configured.

I have an accss policy "WiFi" with Identity Store AD1. I also tried to configure CN, SAN and a lot of Identity Store Sequences, same results.

At the time of authentication I also see this log message:

Encountered invalid or null system message

CSCOacs_Internal_Operations_Diagnostics

31201

I could be related to?

Anyone may help me?

thx,

Andrea

Jatin Katyal · ‎05-05-2013

I see, the certificates installed were already expired.

Regarding your second issue, where you are seeing an error. I suspect a defect.

CSCtw48906 Error due to an empty message (Vector /buffer), sent to runtime process

Symptom: Error message is seen inlogs: ERROR Encountered invalid or null system message CSCOacs_Internal_Operations_Diagnostics 31201

Conditions: ACS 5.2

Workaround: The issue is cosmetic. This message can be ignored.

As per dev's this error occors when an empty message (Vector /buffer) that was sent to runtime over the Message Bus, and it seems to be 'cosmetic' issue.

In the defect, the debugs are attached. If you wish, you may turn on the runtime logs at debbuging level and match the symptoms.

Here are the steps to generate support bundle.

acs/admin# acs-config

Escape character is CNTL/D.

Username: acsadmin

Password:

acs/admin(config-acs)#

Set logging to debug mode,.

acs/admin(config-acs)# debug-log runtime level debug

acs/admin(config-acs)#exit

Collect the support bundle after reproducing the issue.

Jatin Katyal

- Do rate helpful posts -

~Jatin

View solution in original post

Jatin Katyal · ‎05-05-2013

Do we have patch 2 appiled on it?

Could you please share the exact error message you are getting on ACS?

Do we have the complete chain installed on the ACS (including internediate or subordinate cert, if any)

Jatin Katyal

- Do rate helpful posts -

~Jatin

a.medusei · ‎05-05-2013

After 3 days I'm crazy I found the issue causing authentication fail. Some stupid people still using older CA tha should be dismissed 2 years ago.

I still have error 31201 and I have patch 2

Jatin Katyal · ‎05-05-2013

I see, the certificates installed were already expired.

Regarding your second issue, where you are seeing an error. I suspect a defect.

CSCtw48906 Error due to an empty message (Vector /buffer), sent to runtime process

Symptom: Error message is seen inlogs: ERROR Encountered invalid or null system message CSCOacs_Internal_Operations_Diagnostics 31201

Conditions: ACS 5.2

Workaround: The issue is cosmetic. This message can be ignored.

As per dev's this error occors when an empty message (Vector /buffer) that was sent to runtime over the Message Bus, and it seems to be 'cosmetic' issue.

In the defect, the debugs are attached. If you wish, you may turn on the runtime logs at debbuging level and match the symptoms.

Here are the steps to generate support bundle.

acs/admin# acs-config

Escape character is CNTL/D.

Username: acsadmin

Password:

acs/admin(config-acs)#

Set logging to debug mode,.

acs/admin(config-acs)# debug-log runtime level debug

acs/admin(config-acs)#exit

Collect the support bundle after reproducing the issue.

Jatin Katyal

- Do rate helpful posts -

~Jatin

ACS 5.4 EAP-TLS: Encountered invalid or null system message CSCOacs_Internal_Operations_Diagnostics 31201