I see this seems to happen more often on 2530 switches at which point a zeroize of the crypto keys or removing the IDEVID_ROOT ta-profile (no crypto pki ta-profile IDEVID_ROOT) resolves the issue.
Best, in a production situation, is to reach out to Aruba TAC support to find out that you don't break things that are specific in your environment, especially if you ever did something with certificates on the switch.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
------------------------------
Original Message:
Sent: Mar 26, 2021 12:39 AM
From: Adiputra Pandypta
Subject: HP-2530 Switch Disconnected From Aruba Central (SSL Connect Error)
Hi all,
I have a case where one of my Aruba HP2530-8G-PoEP Switch is suddenly disconnected from Aruba Central. I have 4 unit of same Aruba switch model deployed on buildings and only this one is disconnected from and not in sync with Aruba Central.
I tried to follow troubleshooting tips mentioned in other thread, and I found out that problem occured due to "SSL connect error".
0000:15:25:23.09 ZTP tSvcWorkQ:Sending message to activateCB.ctrlTask
0000:15:25:23.09 ZTP mactivateCtrl:Activate reprovision : connecting to Activate
server
0000:15:25:23.09 ZTP mactivateCtrl:The Standard DNS server 8.8.8.8 is added to
the list of servers
0000:15:25:23.09 ZTP mactivateCtrl:The Standard DNS server 8.8.8.8 is removed
from the list of servers
0000:15:25:23.09 ZTP mactivateCtrl:Hostname resolved with IP: 52.43.137.217:443
0000:15:25:23.09 ZTP mactivateCtrl:Proxy IP is not Configured
0000:15:25:23.09 ZTP mactivateCtrl:EndPoint Url :
https://52.43.137.217/estprovision
0000:15:25:23.09 ZTP mactivateCtrl:SOCKET IS OPEN!!!
0000:15:25:23.30 ZTP mactivateCtrl:curl operation failed : SSL connect error
0000:15:25:23.30 ZTP mactivateCtrl:Retrying connection to Activate server after
300 seconds
Below is the show aruba-central output, it shown the error reason is TSL generic error (code: -1007)
------------------------------
Adiputra Pandypta
------------------------------