cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Who Me Too'd this topic

DNAC 2.1.2.5 Provisioning Error

Mike.Cifelli
VIP Alumni
VIP Alumni

I recently ran into a new provisioning error after upgrading a 3 node cluster from 1.3.3.7 directly to 2.1.2.5 over the weekend.  When attempting to provision a device I was getting the following error:

prov_dnac_2125_error_LI.jpg

The 'Host name' depicted the cluster vip which was not a part of the TLS cert SAN.  I had to regenerate a new TLS cert to include cluster vips, node IPs, and then update the PKI cert under system settings from within the UI.  Once that was done provisioning worked like a charm.  Note that we never had provisioning errors prior to 2.1.2.5 that generated this error.  TAC is filing a documentation bug as they claim adding the IPs to the SAN field has fixed several similar certificate errors.  HTH anybody that runs into the same issue.

Who Me Too'd this topic