Hi!
I had a big issue in an old legacy environment consising of RAP-5s and RAP-2s. After a long time of untouched operation on 6.3.1.14 the RAPs didn´t come up after rebooting, when debugging the issue I could see that the IKE complained about some certificate being expired.
After alot of troubleshooting and actions, the thing that "solved" this was to turn back the clock of the controller 1 year. All the RAPs came back up and everything now works fine again.
#show tpm cert-info
show valid certs expiring 2028
I´m guessing it´s the certs on the RAP end that are expired somehow. Anyone know how to verify this? Is there a way to list the details of the certs present in the RAPs?
When debugging I can see that it reads certs from a local store:
/tmp/deviceCerts/ but I don´t get any details. I´d wish to find the certs that are expired to see the root cause.
Cheers,