Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
3031
Views
5
Helpful
3
Comments

Field Notice Alert! Cisco IOS/IOS-XE Self-Signed Certificates Will Expire on 01/01/2020

David White
Cisco Employee
Cisco Employee

on ‎12-18-2019 02:50 PM

Field Notice Alert! (FN70489)

 

Self-signed certificates generated from certain Cisco IOS Classic/IOS-XE products will expire on 01/01/2020 00:00:00 UTC if generated prior to the application of CSCvi48253.

 

Cisco has issued a field notice to help customers determine if they are impacted by this issue and to provide instructions if action is needed. Please review the field notice to determine if you may be impacted and to review fixed software versions and workarounds: https://www.cisco.com/c/en/us/support/docs/field-notices/704/fn70489.html

Labels:
Comments
Scarface
Level 1
Level 1
‎12-19-2019 04:08 AM

Hi, Does this impact SSH connections, we are using username/pwd to get into the devices. Please advise. 

 

Thanks

PM

David White
Cisco Employee
Cisco Employee
‎12-19-2019 05:59 AM
In short, NO.

The IOS SSH Server is only impacted when used with X.509 certificates to authenticate the SSH session. (This use of X.509 certificates is rare. Username/password authentication and public/private key authentication are not affected.

Impacted devices using the SSH feature will have a configuration as follows:


! SSH with x.509
ip ssh server certificate profile
server
trustpoint sign self-signed-trustpoint-name

Sincerely,

David.
Scarface
Level 1
Level 1
‎04-16-2020 12:02 PM

Perfect Thank you.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card