12-07-2023 08:08 AM
I logged into a switch and did show log and saw the below log messages. I see cisco prime logs in 3 times. I'm not sure if that's normal. Judging by the time stamp, I don't think it's a time out. I also see Trustpool Download failed. What does the trustpool message mean? does it have anything to do with cisco prime?
Dec 7 08:44:46 AST: %SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: CiscoPrime] [Source: xxxxxxxx] [localport: 22] at 08:44:46 AST Thu Dec 7 2023
000234:
Dec 7 08:48:41 AST: %SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: CiscoPrime] [Source: xxxxxxxx] [localport: 22] at 08:48:41 AST Thu Dec 7 2023
000235:
Dec 7 08:48:44 AST: %SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: CiscoPrime] [Source: xxxxxxxx] [localport: 22] at 08:48:44 AST Thu Dec 7 2023
000236:
Dec 7 08:54:42 AST: %PKI-4-TRUSTPOOL_DOWNLOAD_FAILURE: Trustpool Download failed
12-07-2023 08:14 AM - edited 12-07-2023 08:15 AM
Look at the common errors :
you need to provide more information, what is the device model and what IOS code running ?
If this is IOS XE - check the bug :
12-07-2023 08:46 AM
Version 16.9.1r
C9300-48P
CAT9K_IOSXE
I see that the bug is for ios xe version below 17.10.1, 17.9.1. This might be the issue. Is there anything wrong with not updating and just leaving the bug or would that be a bad idea?
12-07-2023 08:49 AM - edited 12-07-2023 08:49 AM
I am guessing - check your smart License configuration
do you have any other configuration related to security ?
Your IOS XE also got old, suggest to upgrade to any thing above 17.6.X
12-07-2023 08:37 AM
Hello @polleyjb01
Regarding the "Trustpool Download failed" message, this is related to the PKI and certificate management. The trustpool is a collection of trusted certificates used for various security functions, including SSL/TLS connections.
A "Trustpool Download failure" message typically indicates that the device attempted to download an updated set of trusted certificates (CRLs or other certificates), and the download process failed for some reason. This could be due to issues such as connectivity problems, server unavailability, or misconfiguration.
In this context, it may or may not be directly related to Cisco Prime. It's advisable to investigate further by checking the device's PKI settings, connectivity to the server specified for trustpool downloads, and ensuring that the necessary certificates and configurations are correct.
If the issue persists, you may want to consult Cisco Prime logs or documentation to see if there are any specific errors or troubleshooting steps related to trustpool updates.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide