cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
926
Views
0
Helpful
0
Replies

ISE 1.2 / WLC 5508 EAP-TLS expired certificate error, but wireless still working

tbostrom
Cisco Employee
Cisco Employee

Hi I have a customer that we've deployed ISE 1.2 and WLC 5508s at.  Customer is using EAP-TLS with and everything appears to setup properly.  Users are able to login to the network and authenticate, however, frequently, I'm getting the following error in ISE authentication logs:

12516 EAP-TLS failed SSL/TLS handshake because of an expired certificate in the client certificates chain

OpenSSL messages are:

SSL alert: code=Ox22D=557 : source=local ; type=fatal : message="X509

certificate ex pi red"'

4 727850450.3616:error.140890B2: SS L

rOYbne s: SSL 3_  G ET _CL IE NT  _CE RT IF ICAT E:no ce rtific ate

relurned: s3_ srvr.c: 272 0

I'm not sure if this is cosmetic or if this is something that I should be tracking down.  System isn't in full production yet, but every client seems to be working and there is no expired cert in the chain.  Any ideas what to check?


0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: