I have enabled this "config ap dtls-wlc-mic SHA1/SHA2" on the controller for this error "*AP has SHA2 MIC certificate - Using SHA2 MIC certificate for DTLS." Now i want to remove that command. How to disable it? will this command affect the aps joining in future or other aps if rebooted ? Thanks!
ohk then old AP must have SHA1 certificates.
So if you configure SHA2 on WLC then these old AP will have trouble to join again after reboot.
So better to keep SHA1 on wlc.
Dont forget to rate helpful posts
Thanks for the response..
okay.. it sounds like only one certificate will be enabled on the controller? I mean, wont it have all the certificates enabled if we give those command? I have actually given both the commands in order.. SHA1 and then SHA2 as well.. (is there any other certificates aps will come up with- just curious :))
I could also try reboot one ap and test, but it seems like it will take time ...
As far as I Know: The WLC supports SHA-2 certificates since release 8.0.100, so at this moment this is the only release where this is supported on.
Dont forget to rate helpful posts and also mark it as answered, it may help others
Now running on 188.8.131.52.. may be i can try rebooting 1 ap and see if any issues.. then revert back to SHA1 if needed.. I will update back here,,
Many thanks for your time