Core issue

This can happen when there is an error in the certificates.

Resolution

In order to resolve this issue, first  ensure that the time is correctly set on both devices, Cisco Intrusion Prevention System (IPS) and IDS Event Viewer (IEV) console.

If not, complete these steps in order to configure IPS time correctly:

1. On IPS, enter time the parameter configuration mode:
   
   sensor(config)#service Host
   
   sensor(config-Host)#timeParams
   
   
2. Specify the standard time offset from UTC in minutes, as negative numbers represent time zones west of the Prime Meridian:
   
   sensor(config-Host-tim)#offset -360
   
   
3. Specify the standard time zone:
   
   sensor(config-Host-tim)#standardTimeZoneName CST
   
   
4. Enter the summertime parameter configuration mode:
   
   sensor(config-Host-tim)#summerTimeParams
   
   
5. Specify that summertime parameters recur at the same time each year:
   
   sensor(config-Host-tim-sum)#active-selection recurringParams
   
   
6. Enter the recurring summertime parameter configuration mode:
   
   sensor(config-Host-tim-sum)#recurringParams
   
   
7. Specify the summertime time zone name:
   
   sensor(config-Host-tim-sum-rec)#summerTimeZoneName CDT
   
   Next, clear the old key from the sensor and recreate a new key.
   
   
8. Enter this command in order generate the self-signed X.509 certificate, which is needed by TLS:
   
   sensor(config)#tls generate-key
   MD5 fingerprint is 47:B4:C9:36:B1:E7:D2:5E:D1:3E:F6:B7:83:F4:68:60
   SHA1 fingerprint is
   8B:26:BB:EB:04:D4:9F:27:02:0E:25:F7:BE:0E:91:4F:B8:0A:CF:7B
   
   Write down the certificate fingerprints in order to check the authenticity of the certificate when you connect to this sensor with a web browser.

Choose device properties in order to update the IEV key for device and choose update.

You can also clear the SSL cache in Microsoft Internet Explorer.  Choose Tools > Options > Content > Clear SSL State.