Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Cisco AP stuck in Boot Loop - Digital Signature Failed Validation

So I had a image go bad on an 3602i AP, loaded up a new IOS on the AP. Loaded the new IOS, everything seems fine until it get just about done with the boot and then it reboots itself again. Lots of output but the meat and potatos is this

*Aug 10 07:44:19.999: Using SHA-1 signed certificate for image signing validation.
*Aug 10 07:44:19.999: Error opening file flash:/ap3g2-k9w8-mx.153-3.JA/final_hash.sig
*Aug 10 07:44:19.999: Digital Signature Failed Validation (flash:/ap3g2-k9w8-mx.153-3.JA/final_hash)
*Aug 10 07:44:19.999: AP image integrity check FAILED!

*Aug 10 07:44:19.999: Release image validation failure - restarting AP.

 

Any ideas?

Everyone's tags (1)
1 ACCEPTED SOLUTION

Accepted Solutions
Silver

Ohh, looks like the image you

Ohh, looks like the image you uploaded is corrupted. Its  digital signature is,

Try this when you try to upload a new image
1. If you got it from a *.tar file, extract it to get to the *.bin file

2. copy that bin file

#copy /verify tftp:<IP> flash:

though, try to download the image again.

6 REPLIES
Silver

Ohh, looks like the image you

Ohh, looks like the image you uploaded is corrupted. Its  digital signature is,

Try this when you try to upload a new image
1. If you got it from a *.tar file, extract it to get to the *.bin file

2. copy that bin file

#copy /verify tftp:<IP> flash:

though, try to download the image again.

New Member

This discussion has been

This discussion has been reposted from Additional Communities to the Other Wireless - Mobility Subjects community.

Reloading the Access Point

Reloading the Access Point Image

If your access point has a firmware failure, you must reload the complete access point image file using the Web browser interface or on 1100 and 1200 series access points, by pressing and holding the MODE button for around 30 seconds. You can use the browser interface if the access point firmware is still fully operational and you want to upgrade the firmware image. However, you can use the MODE button when the access point has a corrupt firmware image. On 350 series access points, you cannot use the MODE button to reload the image file, but you can use the CLI through a Telnet or console port connection.

 

refer http://www.cisco.com/c/en/us/td/docs/wireless/access_point/12-2_15_JA/configuration/guide/i12215sc/s15trb.html

New Member

Thanks for the replies

Thanks for the replies everyone! This was a new IOS pushed out to the device AFTER a IOS failure. So no web browser  access. The new IOS had an issue with the hash, which I thought was weird (obviously a bad image). Rather than try to reinvent the wheel, I just used the recovery image.

What I ended up doing was downloading, and booting off of inside rommon, the recovery image via tar -xtract over tftp, letting the WLC grab the AP and push out the IOS onto the AP which solved my issue. Thanks again for the help.

New Member

Worked for me.Load AP with

Worked for me.

Load AP with recovery LWAPP image, then just plug into the WLC network and it was perfect..

Thanks

New Member

Glad I could help! 

Glad I could help! 

1926
Views
0
Helpful
6
Replies
CreatePlease to create content