06-12-2015 01:31 AM - edited 07-05-2021 03:23 AM
Hi @All
i had to learn that Cisco use a Certificate to deside that the AP is out of maintenance. This Certificate is just 10 Years valid. So now i have the Problem that same AP´s (AIR-LAP1131AG-E-K9/ AIR-LAP1242AG-E-K9) will reach this 10 Year- Mark in some Months. Is there a chance to monitor that lifecycle via SNMP or something else.
Is this the right certificate that i have to check ?
show crypto ca certificates
Certificate
Status: Available
Certificate Serial Number: xxxxxxx
Certificate Usage: General Purpose
Issuer:
cn=Cisco Manufacturing CA
o=Cisco Systems
Subject:
Name: C1130-c47d4fad886a
ea=support@cisco.com
cn=C1130-c47d4fad886a
o=Cisco Systems
l=San Jose
st=California
c=US
CRL Distribution Points:
http://www.cisco.com/security/pki/crl/cmca.crl
Validity Date:
start date: 11:14:50 UTC Dec 10 2009
end date: 11:24:50 UTC Dec 10 2019
Associated Trustpoints: Cisco_IOS_MIC_cert
Regards Mario
06-12-2015 02:16 AM
06-12-2015 02:25 AM
Hi Leo
the question is how i can monitor the date when the certifikate expire. BTW we use version 8.0.155.0
06-12-2015 02:34 AM
If you run this version, can you disable the AP lifetime-checker? The command is: config ap cert-expiry-ignore {mic|ssc} enable
Additional info can be found HERE.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide