Q:
IAP fails to connect to Activate server & shows the error "ASN no signer error to confirm failure"
In this case, IAP is already configured for the following :
However, when we check the ap-debug logs, we would see the following message:
show log ap-debug | include awc
awc[4028]: Failed to establish SSL connection: Error code is -1:ASN no signer error to confirm failure
Explanation for the above error:
When IAP is trying to negotiate the SSL connection,it is unable to verify the activate server certificate.IAP does not have corresponding CA cert which would help it in validating the certificate presented by activate server.
This should ideally not happen as IAP-Activate SSL negotiation is based off factory certificates. Please report such issues to TAC team for further analysis.
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.