Cisco AP stuck in Boot Loop - Digital Signature Failed Validation
So I had a image go bad on an 3602i AP, loaded up a new IOS on the AP. Loaded the new IOS, everything seems fine until it get just about done with the boot and then it reboots itself again. Lots of output but the meat and potatos is this
*Aug 10 07:44:19.999: Using SHA-1 signed certificate for image signing validation. *Aug 10 07:44:19.999: Error opening file flash:/ap3g2-k9w8-mx.153-3.JA/final_hash.sig *Aug 10 07:44:19.999: Digital Signature Failed Validation (flash:/ap3g2-k9w8-mx.153-3.JA/final_hash) *Aug 10 07:44:19.999: AP image integrity check FAILED!
If your access point has a firmware failure, you must reload the complete access point image file using the Web browser interface or on 1100 and 1200 series access points, by pressing and holding the MODE button for around 30 seconds. You can use the browser interface if the access point firmware is still fully operational and you want to upgrade the firmware image. However, you can use the MODE button when the access point has a corrupt firmware image. On 350 series access points, you cannot use the MODE button to reload the image file, but you can use the CLI through a Telnet or console port connection.
Thanks for the replies everyone! This was a new IOS pushed out to the device AFTER a IOS failure. So no web browser access. The new IOS had an issue with the hash, which I thought was weird (obviously a bad image). Rather than try to reinvent the wheel, I just used the recovery image.
What I ended up doing was downloading, and booting off of inside rommon, the recovery image via tar -xtract over tftp, letting the WLC grab the AP and push out the IOS onto the AP which solved my issue. Thanks again for the help.
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...
I have created a Powershell script to automatically add a Wireless Guest
User on Cisco WLCs. (tested on 2500 Series) The script should be
completely self explanatory. Prerequisites: Powershell SNMP Module
(Install-Module -Name SNMP) SNMP Write Access to y...