07-17-2013 06:57 AM - edited 03-01-2019 11:08 AM
After upgrade to 2.1.2a, 2 UCS domains actually came with this error.
Description: default Keyring's certificate is invalid, reason: unknown
Cause: invalid-keyring-certificate
Code: F0909
I did the procedure
FI-A# scope security
FI-A/security # scope keyring default
FI-A/security/keyring # set regenerate yes
FI-A/security/keyring* # commit
Which didn't help ?
Any advice is appreciated
Walter.
07-31-2013 07:10 PM
I'm also dealing with this issue for a customer. Has a TAC been entered and has there been a response?
08-01-2013 10:32 AM
Hi Joe,
Yes, TAC has been involved and there has been a bug opened against this issue. Engineering is actively looking into this and will work to resolve this problem.
Thanks.
-Bruce
08-19-2013 05:36 AM
It's been a few weeks, is there any update to this? I have multiple customer chassis on 2.1(2a) and all having this issue. If I need to open my own case I can, but was hoping to hear about a resolution here.
Thanks,
Allen
08-19-2013 06:05 AM
Hello Allen and all,
If you have upgraded to 2.1.2a and are using self-signed cert and syatem has fault that says cert "status unknown", then no need to open a TAC service request.
Apart from using third party certificate, there is no work around to suppress the fault.
You can safely ignore the alert.
We have fixed the issue where status will be displayed correctly for self-signed certs and would not generate the fault.
The next patch release 2.1.2b will have this fix. I do not have ETA but should be out soon.
I will update the thread once I have additional information.
Thanks for your patience
Padma
08-19-2013 11:17 AM
Thank you Padma, for saying this even more eloquently than I was about to.
Thanks.
-Bruce
09-10-2013 08:06 PM
Hello,
The issue is fixed in UCSM 2.1.2c and above version.
http://www.cisco.com/en/US/docs/unified_computing/ucs/release/notes/UCS_28313.html#wp200273
Padma
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide