01-16-2023 08:03 AM
Hi,
I have connected a NEW ap in our network but it is not join the WLC. AP is is trying to download the image from WLC but it is getting failed. Ap Model is 2700 series.
I can see the following errors in AP CLI
*Jan 16 16:01:26.023: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_record.c:169 Pkt too old last_seq_num : 11109,Received sequence num: 2 distance: -11107
*Jan 16 16:01:26.027: Using SHA-2 signed certificate for image signing validation.
*Jan 16 16:01:26.095: %PKI-3-CERTIFICATE_INVALID_EXPIRED: Certificate chain validation has failed. The certificate (SN: 4E78A210000000000007) has expired. Validity period ended on 21:43:46 UTC Dec 4 2022
*Jan 16 16:01:26.095: Image signing certificate validation failed (1A).
*Jan 16 16:01:26.099: Failed to validate signature
*Jan 16 16:01:26.099: Digital Signature Failed Validation (flash:/update/ap3g2-k9w8-mx.153-3.JPJ9/final_hash)
*Jan 16 16:01:26.099: AP image integrity check FAILED
Aborting Image Download
Download image failed, notify controller!!! From:8.5.164.0 to 17.3.6.76, FailureCode:3
Anyone can help to resolve the issue?
Regards,
Warshad
01-16-2023 08:06 AM
What WLC Model. what Code running -
First look the Cert is expired :
PKI-3-CERTIFICATE_INVALID_EXPIRED: Certificate chain validation has failed. The certificate (SN: 4E78A210000000000007) has expired. Validity period ended on 21:43:46 UTC Dec 4 2022
check the controller version matrix supported ?
https://www.cisco.com/c/en/us/td/docs/wireless/compatibility/matrix/compatibility-matrix.html
01-16-2023 08:20 AM
Thank you for reply Balaji. I think its a bug. I found this and i this its relevant.
https://bst.cisco.com/bugsearch/bug/CSCwd80290
Regards,
Arshad
01-16-2023 08:32 AM
- Yep , this is the corresponding field notice : https://www.cisco.com/c/en/us/support/docs/wireless/aironet-700-series-access-points/218447-ios-ap-image-download-fails-due-to-expir.html
M.
02-18-2023 06:17 AM
Yes field notice about this below for anyone else reading:
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide