10-31-2024 11:10 AM - edited 10-31-2024 11:11 AM
Good Day.
I have a Cisco 2500 Series Wireless Controller and i have come across the issue in the Field Notice: FN63942
Following the instructions Situation: The WLC runs fixed software, but some APs cannot join.
i have followed the steps as instructed and i have an Air-CAP3702P-A-K9 that still refuses to join. I get the same error
"%PKI-3-CERTIFICATE_INVALID_EXPIRED: Certificate chain validation has failed. The certificate (SN: 6732C08E0000001FA741) has expired. Validity period ended on 04:53:04 UTC Oct 30 2024Peer certificate verification failed 001A"
I can confirm that the Certificate The certificate (SN: 6732C08E0000001FA741) is on the WLC and not the AP
I an unable to download any software from Cisco due to not having a Service License
Is there a step i missed?
Any help would be appreciated.
Thank you for your time.
PS: if this is not the correct place to put this question. Please let me know and i will remove this post and re-ask the question in the appropriate place.
Solved! Go to Solution.
10-31-2024 12:44 PM - edited 10-31-2024 12:45 PM
8.3.112.0 requires 15.3(3)Jd4. Your problem could not be certificate but version mismatch.
https://www.cisco.com/c/en/us/td/docs/wireless/compatibility/matrix/compatibility-matrix.html
10-31-2024 11:23 AM - edited 10-31-2024 11:24 AM
which software version is on the WLC and which one is on the Access Point?
10-31-2024 12:28 PM - edited 10-31-2024 12:44 PM
The software Version on WLC is 8.3.112.0
The Software version on AP is C3700 Software (AP3G2-RCVK9W8-M), Version 15.2(4)JB1,
Edit reason: found the acutal Software version.
10-31-2024 12:44 PM - edited 10-31-2024 12:45 PM
8.3.112.0 requires 15.3(3)Jd4. Your problem could not be certificate but version mismatch.
https://www.cisco.com/c/en/us/td/docs/wireless/compatibility/matrix/compatibility-matrix.html
10-31-2024 12:53 PM
Oh, i think i understand now. When the AP lost connection to the WLC the first time i did a factory restore, would that have caused a downgrade in the version?
Because i have other AIR-CAP3702P-A-K9's currently on the WLC they have a boot version of 15.2.4.0 but a IOS version 15.3(3)JD4$
10-31-2024 12:58 PM
@aaron-rousch probably this is it. What you can do is try to get the firmware from a working AP and transfer.
10-31-2024 01:01 PM
I will try that, Thank you Flavio.
can i download the correct image from the WLC?
10-31-2024 01:06 PM
I dont believe you can download from the WLC. I believe you can try from another AP.
10-31-2024 01:18 PM
Thank you again for the assistance, Flavio.
I will try and download a working image from a working AP.
Are there any guides here that can help me with this process?
We can close this issue now.
10-31-2024 12:45 PM
@aaron-rousch (wrote) >...The software Version on WLC is 8.3.112.0
To overcome that problem you need 8.5.182.12 (8.5.182.13 for 3504s)
To avoid getting confused ; this one is https://www.cisco.com/c/en/us/support/docs/field-notices/725/fn72524.html
is not FN63942 (those countermeasures don't work for the above FN)
@balaji.bandi Also refers to a corresponding bug report ,
M.
10-31-2024 12:54 PM - edited 10-31-2024 12:56 PM
Thank you for the Reply Marce
it looks like the AP itself got downgraded back to the Boot Version after i had to factory reset it.
seeing as i don't have a Cisco service contract i can't download a new version for the AP or WLC from the website.
10-31-2024 01:11 PM
- @aaron-rousch (wrote) : >...seeing as i don't have a Cisco service contract<