Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
486
Views
0
Helpful
4
Replies

Catalyst 9300 - 17.09.04a - Certificate Error

benshitritori1
Level 1
Level 1

‎06-24-2024 07:12 AM - edited ‎06-24-2024 07:23 AM

I got on DNAC the following certificate error on a few Catalyst 9300 switches:
"the following certificates were part of the certificate chain sent by the remote host, but contain hashes that are considered to be weak subject"

"An SSL certificate in the certificate chain has been signed using a weak hash algorithm."

The current version - Cisco IOS XE Software, Version 17.09.04a
Model - C9300L-48P-4X

There is a way to solve it except upgrade firmware?

Thanks in advance

Labels:
0 Helpful
4 Replies 4

Reza Sharifi
Hall of Fame
Hall of Fame

‎06-24-2024 07:32 AM

Have a look at this document. Maybe upgrading the severe certificate can help in resolving the issue:

https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/hardening_guide/b_cisco_catalyst_center_security_best_practices_guide.html#task_zpl_4c2_rbb

HTH

0 Helpful

robad
Level 1
Level 1

‎06-24-2024 07:59 AM

Reza, Do you think that upgrade the IOS version will solve the user's issue also ? [I know he prefer not to, but just asking]

0 Helpful

Reza Sharifi
Hall of Fame
Hall of Fame
In response to robad

‎06-24-2024 08:30 AM

I am not sure if upgrading the IOS alone can solve the issue but it is worth a try.

From the document, it appears that the certificate needs to be updated.

HTH

0 Helpful

benshitritori1
Level 1
Level 1
In response to Reza Sharifi

‎06-25-2024 12:04 AM

Hi,
Thanks for your reply

We don't have "cisco catalyst center" for that
There is another way to do it without it? 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card