cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Field Notice Alert! Cisco IOS/IOS-XE Self-Signed Certificates Will Expire on 01/01/2020

1868
Views
5
Helpful
3
Comments

Field Notice Alert! (FN70489)

 

Self-signed certificates generated from certain Cisco IOS Classic/IOS-XE products will expire on 01/01/2020 00:00:00 UTC if generated prior to the application of CSCvi48253.

 

Cisco has issued a field notice to help customers determine if they are impacted by this issue and to provide instructions if action is needed. Please review the field notice to determine if you may be impacted and to review fixed software versions and workarounds: https://www.cisco.com/c/en/us/support/docs/field-notices/704/fn70489.html

Comments
Beginner

Hi, Does this impact SSH connections, we are using username/pwd to get into the devices. Please advise. 

 

Thanks

PM

Cisco Employee
In short, NO.

The IOS SSH Server is only impacted when used with X.509 certificates to authenticate the SSH session. (This use of X.509 certificates is rare. Username/password authentication and public/private key authentication are not affected.

Impacted devices using the SSH feature will have a configuration as follows:


! SSH with x.509
ip ssh server certificate profile
server
trustpoint sign self-signed-trustpoint-name

Sincerely,

David.
Beginner

Perfect Thank you.