Hi Nitass,

In the case of the SSC APs, no certificate is created on the controller. The upgrade tool has the AP generate a Rivest, Shamir, and Adelman (RSA) key pair that is used to sign a self-generated certificate (the SSC). The upgrade tool adds an entry to the controller authentication list with the MAC address of the AP and public key-hash. The controller needs the public key-hash in order to validate the SSC signature.

If the entry has not been added to the controller, check the output CSV file. There should be entries for each AP. If you find the entry, import that file into the controller. If you use the controller command-line interface (CLI) (with use of the config auth-list command) or the switch web, you must import one file at a time. With a WCS, you can import the whole CSV file as a template.

Here is an excellent doc that outlines this process;

Self-Signed Certificate Manual Addition to the Controller for LWAPP-Converted APs

http://www.cisco.com/en/US/products/ps6521/products_configuration_example09186a00806a426c.shtml

Hope this helps!

Rob

Hi Rob.huffman

I have a mistake with procedure of the converting ap.

I didn't use upgrade tool.

This means I don't have csv file.

Could you please advise me?

It has something to do with ap to get ssc key, or not?

Or how to convert this ap back from lwapp.

Thank you

nitass

Hi Nitass,

The AP can be converted back to Autonomous (IOS) using the following method (then try using the LWAPP Upgrade tool for the conversion to obtain the SSC Key);

Reverting the Access Point Back to Autonomous Mode

http://www.cisco.com/en/US/products/hw/wireless/ps430/prod_technical_reference09186a00804fc3dc.html#wp161272

Converting a Lightweight Access Point Back to Autonomous Mode

You can convert an access point from lightweight mode back to autonomous mode by loading a Cisco IOS Release that supports autonomous mode (Cisco IOS release 12.3(7)JA or earlier). If the access point is associated to a controller, you can use the controller to load the Cisco IOS release. If the access point is not associated to a controller, you can load the Cisco IOS release using TFTP.

Using a TFTP Server to Return to a Previous Release

Follow these steps to revert from LWAPP mode to autonomous mode by loading a Cisco IOS release using a TFTP server:

--------------------------------------------------------------------------------

Step 1 The static IP address of the PC on which your TFTP server software runs should be between 10.0.0.2 and 10.0.0.30.

Step 2 Make sure that the PC contains the access point image file (such as c1200-k9w7-tar.122-15.JA.tar for a 1200 series access point) in the TFTP server folder and that the TFTP server is activated.

Step 3 Rename the access point image file in the TFTP server folder to c1200-k9w7-tar.default for a 1200 series access point, c1130-k9w7-tar.default for an 1130 series access point, and c1240-k9w7-tar.default for a 1240 series access point.

Step 4 Connect the PC to the access point using a Category 5 (CAT5) Ethernet cable.

Step 5 Disconnect power from the access point.

Step 6 Press and hold MODE while you reconnect power to the access point.

Step 7 Hold the MODE button until the status LED turns red (approximately 20 to 30 seconds) and then release.

Step 8 Wait until the access point reboots, as indicated by all LEDs turning green followed by the Status LED blinking green.

Step 9 After the access point reboots, reconfigure it using the GUI or the CLI.

From this doc;

http://www.cisco.com/en/US/products/hw/wireless/ps430/prod_technical_reference09186a00804fc3dc.html#wp161272

Hope this helps!

Rob

Dear Rob,

Thank you so much.

For now, It already converted to ios.

I will convert to lwapp again by upgarde tools.

nitass