Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
488
Views
1
Helpful
3
Replies

Certificate requirements for temeletry (Aireos)

LKL4
Level 1
Level 1

‎03-02-2023 10:05 AM

Hello guys,
 
We are trying to connect the Cloud Services (telemetry) of our aireos controller (8540 - version 8.10.171) to a influxdb server and that influxdb server are connected to a grafana. We have performed all of that steps and topology based on this guide (https://www.wifireference.com/2020/01/14/viewing-network-telemetry-from-the-catalyst-9800-with-grafana/#Graphing_Channel_Utilization), so, now we are in the step of the connection between controller and influxdb, but, the controller are warning that message for us "Peer certificate cannot be authenticated with given CA certificates, SSL certificate problem: self sign". Anyone know how to solve this? If we install just a WebAdmin certificate in the controller we can fix that warn? This certificate is needed just in the controller side or influxdb too? 
 
Any help will be appreciated, thanks!
 
 
0 Helpful
3 Replies 3

Prince.O
Spotlight
Spotlight

‎03-02-2023 11:25 AM

Hello,

Based on the error "Peer certificate cannot be authenticated with given CA certificates, SSL certificate problem: self sign". Is this error seen on the wireless controller or influxdb ?

- If the controller, this points to the controller stating the influxdb is using a self signed certificate that is not trusted as it can't verify the cert. I would suggest installing a 3rd party trusted cert signed by a trusted CA on the influxdb so the controller can verify it. 

LKL4
Level 1
Level 1
In response to Prince.O

‎03-09-2023 09:01 AM - edited ‎03-09-2023 09:01 AM

Hello @Prince.O ,

Thats the error seen on WLC:

Peer certificate cannot be authenticated with given CA certificates, SSL certificate problem: self sign

And thats the error seen on InfluxDB:

[33661]: ts=2023-03-08T18:26:38.023703Z lvl=info msg="http: TLS handshake error from 10.1.2.22:53667: remote error: tls: unknown certificate authority" log_id=0gScKP_G000 service=http

I already looked in the controller docs, but I didn't find anything about the certificate requirement for this communication. If anyone has any info about how to resolve that issue, I appreciate it.

 

0 Helpful

Scott Fella
Hall of Fame
Hall of Fame

‎03-02-2023 01:42 PM

That would be interesting if you get that to work.  I know that folks have setup TIG's to get streaming information from the controller. AireOS doesn't do subscription, so just curious what data you will be getting.

-Scott
*** Please rate helpful posts ***
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card