Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Activate Whitelist Download Failed SSL Handshake

This thread has been viewed 0 times

  • 1.  Activate Whitelist Download Failed SSL Handshake

    MVP
    Posted Sep 26, 2018 12:11 PM

    I'm integrating Activate with our RAP controllers and setup the Whitelist Sync. I created a local RO account in Activate and verified I could login. When I issue the "activate whitelist download" command on the controller, looking in the logs I see the following:

     

    Sep 26 12:05:52  activate[4350]: <399816> <4350> <ERRS> |activate|  Activate Whitelist Download Service Failed. Reason:Failed to complete ssl handshake - 1
Sep 26 12:05:52  activate[4350]: <399816> <4350> <ERRS> |activate|  Activate Whitelist Download Service Failed. Reason:Failed to complete ssl handshake - 1
Sep 26 12:05:52  activate[4350]: <399816> <4350> <ERRS> |activate|  Activate Whitelist Download Service Failed. Reason:Failed to setup connection
Sep 26 12:05:52  activate[4350]: <399816> <4350> <ERRS> |activate|  Activate Whitelist Download Service Failed. Reason:Failed to setup connection
Sep 26 12:05:52  activate[4350]: Failed to complete ssl handshake - 1
Sep 26 12:05:52  activate[4350]: Failed to setup connection

    We do have a web proxy in place, but I have these controllers bypassed. Not sure if there's something on the controller I need to do for this to work? 



  • 2.  RE: Activate Whitelist Download Failed SSL Handshake

    EMPLOYEE
    Posted Sep 26, 2018 11:34 PM

    What version of ArubaOS is this?



  • 3.  RE: Activate Whitelist Download Failed SSL Handshake

    EMPLOYEE
    Posted Sep 26, 2018 11:44 PM

    I would configure logging for the activate service:

     

    config t

    config t
    logging level debugging system process activate 

    Then type: 

    activate whitelist download

     After that, type:

    show log system  20 | include activate

     That should give you more information about what is wrong.



  • 4.  RE: Activate Whitelist Download Failed SSL Handshake

    MVP
    Posted Sep 27, 2018 01:55 PM

    This basically gave me the same logs that I already had. For some reason it appears that the controller is unable to complete the SSL handshake with the activate.arubanetworks.com website. 

     

    Is there anything that needs to be done on the controllers to trust the certificate? We have a custom certificate upload for HTTPs and Captive Portal to our controller, but don't see why it would reference that. 



  • 5.  RE: Activate Whitelist Download Failed SSL Handshake

    EMPLOYEE
    Posted Sep 27, 2018 02:01 PM
    You posted error logs, but there should also be debug logging. There are privacy reasons why you would not want to reveal all your logs or your AOS version on this forum, but it will hinder getting to a resolution. In that case, please open a TAC case so they can take a look at everything.