cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
731
Views
4
Helpful
2
Replies

Question regarding accesspoint certificates

jino_jacob
Level 1
Level 1

Hi All,

I have a 5508 WLC with 5 1142N accesspoints in one of our branch sites currently running on code 7.0.98.218.

I need to setup NTP server on the WLC and read somewhere that if the  AP certificates validity date/time doesnot fall within in the WLC date/Time then APs would not join the WLC.

I am unable to check the certificate date on the AP CLI as it does not accept the command "Show crypto ca certificates"

1). How do I check the AP certificate validity time?

2). Also is there any chance of wireless service disruption while configuring the NTP server as the date on the controller is one month behind the actual date.

Thanks for any help you could provide.

Jean

1 Accepted Solution

Accepted Solutions

Stephen Rodriguez
Cisco Employee
Cisco Employee

there should be no service interruption for setting NTP. You would only see the log time and date change.

As for the AP the cert should be food I'll at least 2028. I'll see if I can't find a command that will show the valid dates for you.

Steve

Sent from Cisco Technical Support iPhone App

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

View solution in original post

2 Replies 2

Stephen Rodriguez
Cisco Employee
Cisco Employee

there should be no service interruption for setting NTP. You would only see the log time and date change.

As for the AP the cert should be food I'll at least 2028. I'll see if I can't find a command that will show the valid dates for you.

Steve

Sent from Cisco Technical Support iPhone App

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

daviwatk
Level 3
Level 3

From the WLC CLI, you can perform the following debugs to examine certificate information being passed to the WLC from the AP in question during the join process.

> debug mac addr

> debug pm pki enable

You will be able to see all relevant information about the APs certificate at the WLC; validity period included.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: