On October 11th 2019, the SSL certificate for api.cisco.com has been renewed as the previous one was about to expire. As a result of this change, CSM Image Manager's certificate repository not longer validates the certificate. As a result Image Manager will not be able to download any software images from the Cisco.com files repository until the new api.cisco.com certificate is imported.
This currently affects all CSM versions.
If you CSM server is unable to communicate with api.cisco.com, the Image Manager may display the following error when trying to update the image listing:
Update failed. Last updated at...
In addition, when trying to download an image from, the list, the following error will be shown:
Failed with Exception
The certificate store entry for api.cisco.com can be updated with the new certificate by following these steps:
Navigate to Tools > Security Manager Administration > CCO Settings.
In the Certificates section, remove the api.cisco.com certificate by selecting it from the table and click on Remove.
Retrieve certificate by selecting Other, entering "https://api.cisco.com" in the text box and clicking on "Retrieve certificate".
On next pop-up screen clink on "Accept"
Launch Image Manager and click on check for updates button on the right hand top corner:
After making these changes, Images should be downloaded without issue, and the Image list should update as expected.
Note: This will also affect GeoIP and IPS signature downloads.
Good Morning (UTC -4), Everyone, Is anyone seeing successful VMWare Fusion guest (specifically Windows 10 20H2) 802.1X authentication using bridged mode in MacOS Big Sur? It appears Fusion is swallowing EAP response frames. If you have thi...
Hello everyone, I am migrating from an ASA 9.8 (4) 29 to FMC 6.7, but when migrating with the FMT tool it gives me the following error: Blocked charmap I am importing the configuration through a txt file.If someone has had this error...
Hello Everyone,I have a scenario, where I have to manage the east-west traffic and I have only one inside interface for LAN. So is this possible the traffic enters and exits the same interface in FTD? if yes, then how can I achieve this.thanks.....