06-12-2015 01:31 AM - edited 07-05-2021 03:23 AM
Hi @All
i had to learn that Cisco use a Certificate to deside that the AP is out of maintenance. This Certificate is just 10 Years valid. So now i have the Problem that same AP´s (AIR-LAP1131AG-E-K9/ AIR-LAP1242AG-E-K9) will reach this 10 Year- Mark in some Months. Is there a chance to monitor that lifecycle via SNMP or something else.
Is this the right certificate that i have to check ?
show crypto ca certificates
Certificate
Status: Available
Certificate Serial Number: xxxxxxx
Certificate Usage: General Purpose
Issuer:
cn=Cisco Manufacturing CA
o=Cisco Systems
Subject:
Name: C1130-c47d4fad886a
ea=support@cisco.com
cn=C1130-c47d4fad886a
o=Cisco Systems
l=San Jose
st=California
c=US
CRL Distribution Points:
http://www.cisco.com/security/pki/crl/cmca.crl
Validity Date:
start date: 11:14:50 UTC Dec 10 2009
end date: 11:24:50 UTC Dec 10 2019
Associated Trustpoints: Cisco_IOS_MIC_cert
Regards Mario
06-12-2015 02:16 AM
06-12-2015 02:25 AM
Hi Leo
the question is how i can monitor the date when the certifikate expire. BTW we use version 8.0.155.0
06-12-2015 02:34 AM
If you run this version, can you disable the AP lifetime-checker? The command is: config ap cert-expiry-ignore {mic|ssc} enable
Additional info can be found HERE.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: