Problem installing certificate .pem to WLC4404

Hi, im having several problems trying to upload my auth certificate to WLC. I tried upload to WLC but im having a error "ERROR INSTALLING CERTIFICATE" 
I have seen this link. Which it seems interesting to me but i cant access.. can someone tell me how to access here?????
http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsy88149
thanks

This is the error
TFTP Webauth cert transfer starting.
TFTP receive complete... Installing Certificate.
*TransferTask: Jan 22 16:50:28.849: sshpmAddWebauthCert: Extracting private key from webauth cert and using bundled pkcs12 password.
*TransferTask: Jan 22 16:50:30.800: sshpmDecodePrivateKey: calling ssh_skb_decode()...
*TransferTask: Jan 22 16:50:32.716: sshpmDecodePrivateKey: SshPrivateKeyPtr after skb_decode: 0x31afbb70
*TransferTask: Jan 22 16:50:32.717: sshpmAddWebauthCert: got private key; extracting certificate...
*TransferTask: Jan 22 16:50:32.723: sshpmAddWebauthCert: extracted binary cert; doing x509 decode
*TransferTask: Jan 22 16:50:32.724: sshpmAddWebauthCert: doing x509 decode for 1319 byte certificate...
Error installing certificate.

Similar Messages

  • Problem in installing certificate

    I tired to install trial certificate from verisign.
    I followed the instruction as in the admin guide
    First installed the certificate in server cert tab under manage certificate
    then installed in CA cert tab to make the certificate trust. It went well through the wizard but the cert name didnot appear in list of trusted CA cert.
    so to enable ssl i checked enable ssl under the encryption tab.
    and restarted the Directory server ...
    after asking for password (pin)
    it gave me the error failed to start the server not able to start ns-slapd
    error log shows
    [22/Apr/2004:14:52:08 -0500] - Sun-ONE-Directory/5.2 B2003.143.0020 (64-bit) starting up
    [22/Apr/2004:14:52:08 -0500] - WARNING<4753> - SSL - conn=-1 op=-1 msgId=-1 - Security Initialization: Can't find certificate (server-cert-trial) for family cn=RSA,cn=encryption,cn=config (error -5978 - Network file descriptor is not connected.)
    [22/Apr/2004:14:52:08 -0500] - WARNING<4754> - SSL - conn=-1 op=-1 msgId=-1 - Security Initialization: Unable to retrieve private key for cert server-cert-trial of family cn=RSA,cn=encryption,cn=config (error -5978 - Network file descriptor is not connected.)
    [22/Apr/2004:14:52:08 -0500] - ERROR<4756> - SSL - conn=-1 op=-1 msgId=-1 - None of the cipher are valid.
    [22/Apr/2004:14:52:08 -0500] - DEBUG - conn=-1 op=-1 msgId=-1 - SSL socket import or configuration failed.
    [22/Apr/2004:14:52:08 -0500] - DEBUG - conn=-1 op=-1 msgId=-1 - Failed to init daemon
    could any one shed some ligt here.
    Thank you

    Hi.
    Try posting this question in the security newsgroup.
    Thanks,
    Michael
    Ankur wrote:
    I am doing the setup for secure socket layer(SSL) in weblogic server
    I
    have created the certificate which need for ssl by using the Openssl ,
    after
    that I entered path for all the file relate to setup by using the
    weblogic
    console. Once I have complete all this entries, I restarted the server ,
    at
    the time of restart its giving the following error. I am also sending
    the
    screen short of console and the log files as an attachment.
    <Feb 4, 2002 4:45:46 PM GMT-05:00> <Alert> <WebLogicServer> <Security
    configuration problem with certificat
    e file config/cauvery-key.pem, java.io.EOFException>
    java.io.EOFException
    at weblogic.security.Utils.inputByte(Utils.java:133)
    at
    weblogic.security.ASN1.ASN1Header.inputTag(ASN1Header.java:125)
    at weblogic.security.ASN1.ASN1Header.input(ASN1Header.java:119)
    at weblogic.security.RSAPrivateKey.input(RSAPrivateKey.java:119)
    at weblogic.security.RSAPrivateKey.<init>(RSAPrivateKey.java:91)
    at
    weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:397)
    at
    weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:300)
    at
    weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1039)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:475)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:197)
    at weblogic.Server.main(Server.java:35)
    <Feb 4, 2002 4:45:58 PM GMT-05:00> <Notice> <Management> <Starting
    discovery
    of Managed Server... This feat
    Please help us to solve this problem--
    Michael Young
    Developer Relations Engineer
    BEA Support

  • Facing problem in installing certificate on Weblogic for the SSL

    I am doing the setup for secure socket layer(SSL) in weblogic server
    .I
    have created the certificate which need for ssl by using the Openssl ,
    after
    that I entered path for all the file relate to setup by using the
    weblogic
    console. Once I have complete all this entries, I restarted the server ,
    at
    the time of restart its giving the following error. I am also sending
    the
    screen short of console and the log files as an attachment.
    <Feb 4, 2002 4:45:46 PM GMT-05:00> <Alert> <WebLogicServer> <Security
    configuration problem with certificat
    e file config/cauvery-key.pem, java.io.EOFException>
    java.io.EOFException
    at weblogic.security.Utils.inputByte(Utils.java:133)
    at
    weblogic.security.ASN1.ASN1Header.inputTag(ASN1Header.java:125)
    at weblogic.security.ASN1.ASN1Header.input(ASN1Header.java:119)
    at weblogic.security.RSAPrivateKey.input(RSAPrivateKey.java:119)
    at weblogic.security.RSAPrivateKey.<init>(RSAPrivateKey.java:91)
    at
    weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:397)
    at
    weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:300)
    at
    weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1039)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:475)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:197)
    at weblogic.Server.main(Server.java:35)
    <Feb 4, 2002 4:45:58 PM GMT-05:00> <Notice> <Management> <Starting
    discovery
    of Managed Server... This feat
    Please help us to solve this problem

    Hi.
    Try posting this question in the security newsgroup.
    Thanks,
    Michael
    Ankur wrote:
    I am doing the setup for secure socket layer(SSL) in weblogic server
    I
    have created the certificate which need for ssl by using the Openssl ,
    after
    that I entered path for all the file relate to setup by using the
    weblogic
    console. Once I have complete all this entries, I restarted the server ,
    at
    the time of restart its giving the following error. I am also sending
    the
    screen short of console and the log files as an attachment.
    <Feb 4, 2002 4:45:46 PM GMT-05:00> <Alert> <WebLogicServer> <Security
    configuration problem with certificat
    e file config/cauvery-key.pem, java.io.EOFException>
    java.io.EOFException
    at weblogic.security.Utils.inputByte(Utils.java:133)
    at
    weblogic.security.ASN1.ASN1Header.inputTag(ASN1Header.java:125)
    at weblogic.security.ASN1.ASN1Header.input(ASN1Header.java:119)
    at weblogic.security.RSAPrivateKey.input(RSAPrivateKey.java:119)
    at weblogic.security.RSAPrivateKey.<init>(RSAPrivateKey.java:91)
    at
    weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:397)
    at
    weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:300)
    at
    weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1039)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:475)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:197)
    at weblogic.Server.main(Server.java:35)
    <Feb 4, 2002 4:45:58 PM GMT-05:00> <Notice> <Management> <Starting
    discovery
    of Managed Server... This feat
    Please help us to solve this problem--
    Michael Young
    Developer Relations Engineer
    BEA Support

  • Installing certificate problem

    Hi,
    I'm trying to install our company SSL certificate on my new N95. Copied the Certnew.cer file onto my phone, as I have done with every other series 60 phone, and browsed to it in File Manager. Normally I would just open it, it would install before asking me if I want to use it for certificate checking, etc. However, on the N95 is opens the certificate in Notes so it doesn't get installed.
    Any ideas on how I can resolve this?

    This is the error
    TFTP Webauth cert transfer starting.
    TFTP receive complete... Installing Certificate.
    *TransferTask: Jan 22 16:50:28.849: sshpmAddWebauthCert: Extracting private key from webauth cert and using bundled pkcs12 password.
    *TransferTask: Jan 22 16:50:30.800: sshpmDecodePrivateKey: calling ssh_skb_decode()...
    *TransferTask: Jan 22 16:50:32.716: sshpmDecodePrivateKey: SshPrivateKeyPtr after skb_decode: 0x31afbb70
    *TransferTask: Jan 22 16:50:32.717: sshpmAddWebauthCert: got private key; extracting certificate...
    *TransferTask: Jan 22 16:50:32.723: sshpmAddWebauthCert: extracted binary cert; doing x509 decode
    *TransferTask: Jan 22 16:50:32.724: sshpmAddWebauthCert: doing x509 decode for 1319 byte certificate...
    Error installing certificate.

  • Error installing certificate - help

    Hi
    I am trying to install a webauth certificate on a WLC (5508 6.0.188).
    I followed the "Generate CSR for Third-Party Certificates and  Download Unchained Certificates to the WLC" document.
    But when I try to upload the .pem file i get "the" "error installing certificate" promt.
    I did not have any errors using OpenSSL.
    Is there any debug commands that can help clearify the issue.
    The Solution provided in this discussion has been added in the following Blog:-
    https://supportforums.cisco.com/community/netpro/wireless-mobility/security-network-management/blog/2011/11/26/generate-csr-for-third-party-cert-and-download-unchained-cert-on-wireless-lan-controller-wlc

    I was having the same problem and worked on it for probably 8 hours trying numerous different solutions and this is what fixed it for me.
    The OpenSSL versions available from www.openssl.org do not create a final.pem that work with the WLC.
    I downloaded OpenSSL using this link http://www.ingate.com/files/Win32OpenSSL-0.9.6-1.0.zip and installed into C:\OpenSSL (It tries to install to program files, install location doesn't matter I just like it on the root of C)
    I then followed all of the steps outline on Cisco.com http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00806e367a.shtml
    Uploaded the final.pem file and it install without any problems.
    My Cert was purchased from RapidSSL I don't know if that matters or not.
    This was a renewal cert, so it was my second time install a cert to my WLC and I made the mistake of not keeping my original copy of OpenSSL that worked for me the first time.  Don't make the mistake I made and KEEP a copy of the OpenSSL version that works for you.  That will make cert renewal much easier for you.

  • Installing certificate on SunOne Webserver7

    Hi,
    i have installed SunOne webserver 7 on Solaris10.
    i had a problem installing a certificate on
    the SunOne webserver7.
    i got a .p12 certificate from a wellknown CA.
    according to sun i need to enter a .DER
    certificate by path to the file or paste
    the Binary file.
    through openssl command i have converted the .p12 to .pem and from there to .DER.
    but it seems that only one part of the certificate is pass from .pem to .DER.
    which is the privat key or the certificate
    its self i dont know.
    .DER is a binary file so i cant see actually what part did he transfer completly.
    though the SunOne7 says he cant find the private key.
    eventually i have exported the certificate and private key seperatly to .DER files
    but couldnt find the command to join them into one .DER file.
    if someone can help i will appriciate it.
    thanks

    If the certificate and key are in a PKCS#12 format file, then you can import it into a server instance using the pk12util command.
    First ensure that the administration server config store and the instance are synched by deploying/pulling any changes to one of them.
    Then use pk12util to import the pkcs file. You will need the password assigned to the file.
    $ ${server-install-dir}/bin/pk12util -i <exported-pkcs12-file> -d ${server-instance-dir}/configExample:
    $ /d2/nelson/webserver7/bin/pk12util -i /d2/nelson/server.pk12 -d /d2/nelson/webserver7/https-example.com/config
      Enter password for PKCS12 file:
      pk12util: PKCS12 IMPORT SUCCESSFULThen pull the config changes into the admin configuration store using wadm
    wadm> pull-config --config=example.com server.instance
    CLI201 Command 'pull-config' ran successfullyList the certificate
    wadm> list-certs --config=example.com --verbose
    nickname
    ALIAS

  • Installing certificate on M160

    I have an M160 running AsyncOS 6.7.7-202, and two C160 running AsyncOS 7.1.2-020.
    I am installing a certificate on the M160, so that our users accessing the spam quarantine don't get any certificate warnings or errors. I read the knowledgebase and followed these steps:
    1) How do I create a certificate request on Windows using OpenSSL?
    http://ironport.custhelp.com/cgi-bin/ironport.cfg/php/enduser/popup_adp.php?p_faqid=1016&p_created=1202519551&p_sid=Gbh2Ezgk&p_lva=772&p_li=cF91c2VyaWQ9MXJvblAwcnQmcF9wYXNzd2Q9Zm8wQmE1&p_redirect=0&p_sp=cF9zcmNoPTEmcF9zb3J0X2J5PSZwX2dyaWRzb3J0PSZwX3Jvd19jbnQ9NDIsNDImcF9wcm9kcz0wJnBfY2F0cz0wJnBfcHY9JnBfY3Y9JnBfc2VhcmNoX3R5cGU9YW5zd2Vycy5zZWFyY2hfbmwmcF9wYWdlPTEmcF9zZWFyY2hfdGV4dD1zc2w!
    Worked fine.
    2) Installing Certificates on an IronPort Email Security Appliance
    http://ironport.custhelp.com/cgi-bin/ironport.cfg/php/enduser/popup_adp.php?p_faqid=674&p_created=1162604309&p_sid=Gbh2Ezgk&p_lva=772&p_li=cF91c2VyaWQ9MXJvblAwcnQmcF9wYXNzd2Q9Zm8wQmE1&p_redirect=0&p_sp=cF9zcmNoPTEmcF9zb3J0X2J5PSZwX2dyaWRzb3J0PSZwX3Jvd19jbnQ9NDIsNDImcF9wcm9kcz0wJnBfY2F0cz0wJnBfcHY9JnBfY3Y9JnBfc2VhcmNoX3R5cGU9YW5zd2Vycy5zZWFyY2hfbmwmcF9wYWdlPTEmcF9zZWFyY2hfdGV4dD1zc2w!
    Did not work. First I pasted in the certificate I got from Verisign, no problem. Then I pasted the output from privkey.pem generated in step one and I get an error msg. My output:
    mailmgmt.dsb.no> certconfig
    Currently using the demo certificate/key for receiving, delivery, HTTPS management access, and LDAPS.
    Choose the operation you want to perform:
    - SETUP - Configure security certificates and keys.
    []> setup
    Do you want to use one certificate/key for receiving, delivery, HTTPS management access, and LDAPS? [Y]> y
    paste cert in PEM format (end with '.'):
    -----BEGIN CERTIFICATE-----  
    MIIFqjCCBJKgAwIBAgIQJaXYQ2kjWcNWJ13u4Q3h1DANBgkqhkiG9w0BAQUFADCB
    tTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
    ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
    YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMm
    VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwHhcNMTAxMjAz
    MDAwMDAwWhcNMTQxMjAyMjM1OTU5WjCBljELMAkGA1UEBhMCbm8xETAPBgNVBAgT
    CHZlc3Rmb2xkMREwDwYDVQQHFAh0b25zYmVyZzE4MDYGA1UEChQvRGlyZWt0b3Jh
    dGV0IGZvciBzYW1mdW5uc3Npa2tlcmhldCBvZyBiZXJlZHNrYXAxDDAKBgNVBAsU
    A0lDVDEZMBcGA1UEAxQQa2FyYW50ZW5lLmRzYi5ubzCCASIwDQYJKoZIhvcNAQEB
    BQADggEPADCCAQoCggEBAL9NUUey2P1tk3KhnHmS/2EqduRVX3nZTpPAlvXRQOCh
    TYMOIJutcdUJQkoobdRAEXizy1mZngfvQmZHmg481Ivkt1R3iCyRl5LQgDSqWFjG
    3AyGVv8xk5O6R3/rt0PiIKEKcuKXjO9r7vqHVKja5fYMjahCXQeH9NKOQ+QRaEQV
    w9uS46glsr9CT8rZ7B2OEBu18gxGuTZ0avrkfuoyNSBr5sL5OIbpp/Q2kHciy2my
    fxJG7/fuLoO6RFTPp2nikBtOevtgNGLgq9MeyYhb963E6nsA1AhmqQhtEBvBVAAo
    cr3QdDZsW9HoNQ/zqQz5CzYIMIott/LCLn6mQh4ymzUCAwEAAaOCAdEwggHNMAkG
    A1UdEwQCMAAwCwYDVR0PBAQDAgWgMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9T
    VlJTZWN1cmUtRzMtY3JsLnZlcmlzaWduLmNvbS9TVlJTZWN1cmVHMy5jcmwwRAYD
    VR0gBD0wOzA5BgtghkgBhvhFAQcXAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3
    dy52ZXJpc2lnbi5jb20vcnBhMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
    AjAfBgNVHSMEGDAWgBQNRFwWU0TBgn4dIKsl9AFj2L55pTB2BggrBgEFBQcBAQRq
    MGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLnZlcmlzaWduLmNvbTBABggrBgEF
    BQcwAoY0aHR0cDovL1NWUlNlY3VyZS1HMy1haWEudmVyaXNpZ24uY29tL1NWUlNl
    Y3VyZUczLmNlcjBuBggrBgEFBQcBDARiMGChXqBcMFowWDBWFglpbWFnZS9naWYw
    ITAfMAcGBSsOAwIaBBRLa7kolgYMu9BSOJsprEsHiyEFGDAmFiRodHRwOi8vbG9n
    by52ZXJpc2lnbi5jb20vdnNsb2dvMS5naWYwDQYJKoZIhvcNAQEFBQADggEBAEWF
    TZa0jO4Zg17O0uOJkxotAAUEsTVXq7HM+8qtPNA3RgmaVyTWsk5v+uWDTA+F5vJs
    nLBFdhZzZFcsBwHFGbXkCLU2IEVa3F/iwIPDVl6TVlOgJgRGuTTRZrayfgqsWSE3
    K2gYBXTeC+cenpAXuzfMiT8LAAYMBtMiwbuS3UtxhPUVzgtpeyccM6bcc6bz2Gnt
    vaIwhBxm+cTByDSTgDnZt7JyCXbof45OmdOP6xn7tEl9dUb/zw+C7RXJ8niscmPt
    2he1UNVHWWJCi2b+NVcz1wMl/zzqcP/Vl0cjl2xG/5iTNO4jdSRzGHD5xVS57ce9
    srWm1LfQ+RQeulyGfO8=
    -----END CERTIFICATE-----
    cert =  -----BEGIN CERTIFICATE-----
    MIIFqjCCBJKgAwIBAgIQJaXYQ2kjWcNWJ13u4Q3h1DANBgkqhkiG9w0BAQUFADCB
    tTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
    ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
    YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMm
    VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwHhcNMTAxMjAz
    MDAwMDAwWhcNMTQxMjAyMjM1OTU5WjCBljELMAkGA1UEBhMCbm8xETAPBgNVBAgT
    CHZlc3Rmb2xkMREwDwYDVQQHFAh0b25zYmVyZzE4MDYGA1UEChQvRGlyZWt0b3Jh
    dGV0IGZvciBzYW1mdW5uc3Npa2tlcmhldCBvZyBiZXJlZHNrYXAxDDAKBgNVBAsU
    A0lDVDEZMBcGA1UEAxQQa2FyYW50ZW5lLmRzYi5ubzCCASIwDQYJKoZIhvcNAQEB
    BQADggEPADCCAQoCggEBAL9NUUey2P1tk3KhnHmS/2EqduRVX3nZTpPAlvXRQOCh
    TYMOIJutcdUJQkoobdRAEXizy1mZngfvQmZHmg481Ivkt1R3iCyRl5LQgDSqWFjG
    3AyGVv8xk5O6R3/rt0PiIKEKcuKXjO9r7vqHVKja5fYMjahCXQeH9NKOQ+QRaEQV
    w9uS46glsr9CT8rZ7B2OEBu18gxGuTZ0avrkfuoyNSBr5sL5OIbpp/Q2kHciy2my
    fxJG7/fuLoO6RFTPp2nikBtOevtgNGLgq9MeyYhb963E6nsA1AhmqQhtEBvBVAAo
    cr3QdDZsW9HoNQ/zqQz5CzYIMIott/LCLn6mQh4ymzUCAwEAAaOCAdEwggHNMAkG
    A1UdEwQCMAAwCwYDVR0PBAQDAgWgMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9T
    VlJTZWN1cmUtRzMtY3JsLnZlcmlzaWduLmNvbS9TVlJTZWN1cmVHMy5jcmwwRAYD
    VR0gBD0wOzA5BgtghkgBhvhFAQcXAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3
    dy52ZXJpc2lnbi5jb20vcnBhMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
    AjAfBgNVHSMEGDAWgBQNRFwWU0TBgn4dIKsl9AFj2L55pTB2BggrBgEFBQcBAQRq
    MGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLnZlcmlzaWduLmNvbTBABggrBgEF
    BQcwAoY0aHR0cDovL1NWUlNlY3VyZS1HMy1haWEudmVyaXNpZ24uY29tL1NWUlNl
    Y3VyZUczLmNlcjBuBggrBgEFBQcBDARiMGChXqBcMFowWDBWFglpbWFnZS9naWYw
    ITAfMAcGBSsOAwIaBBRLa7kolgYMu9BSOJsprEsHiyEFGDAmFiRodHRwOi8vbG9n
    by52ZXJpc2lnbi5jb20vdnNsb2dvMS5naWYwDQYJKoZIhvcNAQEFBQADggEBAEWF
    TZa0jO4Zg17O0uOJkxotAAUEsTVXq7HM+8qtPNA3RgmaVyTWsk5v+uWDTA+F5vJs
    nLBFdhZzZFcsBwHFGbXkCLU2IEVa3F/iwIPDVl6TVlOgJgRGuTTRZrayfgqsWSE3
    K2gYBXTeC+cenpAXuzfMiT8LAAYMBtMiwbuS3UtxhPUVzgtpeyccM6bcc6bz2Gnt
    vaIwhBxm+cTByDSTgDnZt7JyCXbof45OmdOP6xn7tEl9dUb/zw+C7RXJ8niscmPt
    2he1UNVHWWJCi2b+NVcz1wMl/zzqcP/Vl0cjl2xG/5iTNO4jdSRzGHD5xVS57ce9
    srWm1LfQ+RQeulyGfO8=
    -----END CERTIFICATE-----
    paste key in PEM format (end with '.'):
    -----BEGIN RSA PRIVATE KEY-----
    MIIEpAIBAAKCAQEAv01RR7LY/W2TcqGceZL/YSp25FVfedlOk8CW9dFA4KFNgw4gm61x1QlCSiht1EAReLPLWZmeB+9CZkeaDjzUi+S3VHeILJGXktCANKpYWMbcDIZW/zGTk7pHf+u3Q+IgoQpy4peM72vu+odUqNrl9gyNqEJdB4f00o5D5BFoRBXD25LjqCWyv0JPytnsHY4QG7XyDEa5NnRq+uR+6jI1IGvmwvk4humn9DaQdyLLabJ/Ekbv9+4ug7pEVM+naeKQG056+2A0YuCr0x7JiFv3rcTqewDUCGapCG0QG8FUAChyvdB0Nmxb0eg1D/OpDPkLNggwii238sIufqZCHjKbNQIDAQABAoIBAEPWXyRVv6ze1pKnzJ0wC2+hZ1fBDoJfFQZAHUg+VAtUJ/B5agbKkrtA9Ujm3UuPDKMI3ut/FhMqPRmX+oFiAN061egWGyvy1RUy6sPCRGH24sFuQhtssTCJtiEerXZdEcUJt4Oyyj98vtoIc3UNas691N396o9pHuAroteVdKvvju1NCCAiM5mrK1H6BF6ODC4m/vR7U2RBKV2mvfb/u7qiXsXsnEb/Ybe+HeoMOEtCNiFQDQz1dn8PiQXIJVRyauHdXzM9gmw8Orudgatl+0rLrWBuhNbqoG92xEdhNaEgUgr9sWaB99U6dnzcLs4wG9cWWTboaT7dJ9ThQEESSQECgYEA4rWPOWdZFJA8o3Ypv7VCAFdYZdZ4WjmL5tJB5eFrvR7AV/6J87VehZvqswkW5BndKN6wLf62QsMrSUk2C+RRILp3wwFkTQeMaKcY7egKC2U/UZTA1FCb/FgNeMPVCu/IEz2Q98uX16WMbeXKu9KMCuIn30L8IuNPD4bUTGWWG7kCgYEA2ASo7P6BJIewOeOnjjf6hE8JmPMoyZ9bzv0wWW8GPY3lcImeZBASOGKyYP9AT76T2GjshTNwz5dABUwYB/OjPlWOW3CMAxi46UmKsMm9+jLEQGCzB9qEthheUPPuFLFQNiJmH8C2v6pwRRnqaAv/FqHA8SpFaJDVTi4XsouNUV0CgYBuFJac2u/IKlknTeLrsUmA/OhxWnhJ5xNlWsagppo31Ey07WVyrqhc295UXJ9+1ogqpiaJztoVBMtp5GCX2Z8C80ffqjdXp8insCtMqZTm/5yFMmOHNDTpjJ/N+djiXJebsBNKHtN15G6RljighpV1W2bc45umHRVwhpljFxiSEQKBgQDMOzOexUxBxkuVn6fFrSUbvEIdqh9w6Ep7myMAGxiyT5qR2Hq4rf0b9Cwjyo/6FPtgymp70NOiYKR1najGs9Et2OO7jd/B+bixTwdh94q2pxKmrwX0seNw6f8Z2FXKmI12cPVOpfvhn/l/S240KstkkU+Ccu2mW/BfdvKOqqPUPQKBgQCADxSrm7TTH2FXi2zaSvcRmX2y4vnQ7nQZ6JfCQ4lqNLWP1pw/APyJoCw64rsWNTYATOJ9yMUORdtFv3Lrs2fAy/p5AzXGkPG6qWoRcY7SzGWEiSCuRdFwpkpJuIJEyCC/aYr8vIBLJfagGM5qsDeFXyTT5JPZyl+YJA/fIBm4jA==
    -----END RSA PRIVATE KEY-----
    Invalid key...discarding.
    paste cert in PEM format (end with '.'):
    I never get to the question about the intermediate certificate. Help anyone?

    More info:
    I tried generating a new privkey.pem:
    OpenSSL> genrsa -out privkey.pem 2048
    Loading 'screen' into random state - done
    Generating RSA private key, 2048 bit long modulus
    ................+++
    .........+++
    e is 65537 (0x10001)
    I copied it into Word, and then into Notepad to get the format right:
    -----BEGIN RSA PRIVATE KEY-----
    MIIEpAIBAAKCAQEAuNWA2ygU04fKYDIjBk81FkkaAvghZBCSKT2UwV3I40ZC5cqU
    YrjTF1TlIovZdtdNtlFyayTfRlji+Rsho/+UtMIEj6HvSSWOU8GcryCc01UEpm2a
    /4P+RkR8FRjXQ0HYmZqRvLIb2ggY/X+s4v/Hs+rT/gtigDqlbDKKR2wnrAJ5RHgE
    Apj8eWl145EW1cz11/FEByCLtzOSlw8PWgR+AU9+CvkIIPIGiR3jjjCFMvrhuIf1
    uzm8PXanEnChZu/2LMhelYqAO1GAT8ZIC7uKEcIHzxZ3nl8dzD8Xp1ekKGRgquI2
    V2MCMPw/4aE51RxI5Yt6GA/CtGaywUc3LW+4QQIDAQABAoIBAQCrcXZtUddHghvo
    cHjmYE/4lOPovymRvIEmebViStCMZ16j8O0ESTWb3aYQDjIvNnQh2ZhM482qXcZi
    k5T3npjbtV8vr1/ZtFk5PUxNcO2mZKTEjsQHn/IaUWna08jP3OLBT4tAwOBus7Yi
    ZOwDPoeJThdG/F5oXH2WR6bVqu99btWXYnzt8Z/qSN8O9b0TFZyrOcWvPGmSP06e
    NfRSipANxfvomvyyU9JY9kC94ybgyso/pyRoO9hQAfcUK60aXeAYIEe6wgughRaR
    aK0ZHvCJnDw62+E34smtYgsfqjIn+bpoLphuAE8qclHaz/xjG3f75b7/UUiJWjCJ
    u1EfQOlVAoGBAOf3sFcakgn2jhoHkbwVQL3ku1JiD8ajS6vVfBMwgwlRTFgiLdIj
    +7hLu11zCJWLMbJ6p6W/h/l4CfiWKsyhjnmrAeQ6CNkP9exz8M5CkcWRDthvslPh
    4TG2etWhPCjbyyNFlbTDdc2n96Up7h2QNw1p/+C6jXktK6RkSxQdBf6PAoGBAMv7
    uZiDc2jdlwiPkD5k4cawKTNxIamA8NrrlWRBMdWuNsNSE5Fmt9DQ3ryvDGhvdhdo
    fRTjiHzm/un7YQBPtHJg98E932C4dlxqPvmLZE5RrGa+A57pyu1tfj9QIcyge9XC
    ryUD8qzLNpMBkyIeQv35pjXtlZemMGOuFzl+yEQvAoGAXfsD/sZNFKxHtlQKv2D8
    8fKR0jbYnWnbZqr/seadsFC31Z1DYzgg6/IC30GT4MKcR+tZsNWAiZoQsB5nCLEL
    wE+AXK8GlqrYwAvZLDfcR2cV1KqsXT/OtQ1xhsvkS8mA67FtjecC+2dp9gie6Gtd
    YpnniW0LlGSwodHgeS2pGBECgYEArgXATcv/XryFCImqDoD0WRSa4ccnZ7uYP7xy
    RAiWomyxTastBIP0V9KJ48EXPdWxksDSzUpce+p6GVYbaC+Xi2kMlTDa7GISoD8I
    IM75sRNemHyNDDr6o9ogtZUAcNmNLE2eLF8U3rOziHD0fEwC7TfZw/JACBOA/tlb
    +PIfmoMCgYAzF9wndhOa/c3aZDAwI4DyWT5O5hdaJlt2EQU1SLIL31fVJs+Hnasb
    Dcm1FgulF5xzBod6nF/GAPBcc/J8IlRhVhW9GUc+r8mN1jUl+FBvVfmEiSu5dwax
    6kreMnXK4eVgBWIUSkV+QkehWmOMJUoTZe3rFKO28I++W7Ysr+39RQ==
    -----END RSA PRIVATE KEY-----
    I then pasted it into the M160 just to see if it would accept it, and it did not:
    mailmgmt.dsb.no> certconfig
    Currently using the demo certificate/key for receiving, delivery, HTTPS management access, and LDAPS.
    Choose the operation you want to perform:
    - SETUP - Configure security certificates and keys.
    []> setup
    Do you want to use one certificate/key for receiving, delivery, HTTPS management access, and LDAPS? [Y]> y
    paste cert in PEM format (end with '.'):
    -----BEGIN RSA PRIVATE KEY-----
    MIIEpAIBAAKCAQEAuNWA2ygU04fKYDIjBk81FkkaAvghZBCSKT2UwV3I40ZC5cqU
    YrjTF1TlIovZdtdNtlFyayTfRlji+Rsho/+UtMIEj6HvSSWOU8GcryCc01UEpm2a
    /4P+RkR8FRjXQ0HYmZqRvLIb2ggY/X+s4v/Hs+rT/gtigDqlbDKKR2wnrAJ5RHgE
    Apj8eWl145EW1cz11/FEByCLtzOSlw8PWgR+AU9+CvkIIPIGiR3jjjCFMvrhuIf1
    uzm8PXanEnChZu/2LMhelYqAO1GAT8ZIC7uKEcIHzxZ3nl8dzD8Xp1ekKGRgquI2
    V2MCMPw/4aE51RxI5Yt6GA/CtGaywUc3LW+4QQIDAQABAoIBAQCrcXZtUddHghvo
    cHjmYE/4lOPovymRvIEmebViStCMZ16j8O0ESTWb3aYQDjIvNnQh2ZhM482qXcZi
    k5T3npjbtV8vr1/ZtFk5PUxNcO2mZKTEjsQHn/IaUWna08jP3OLBT4tAwOBus7Yi
    ZOwDPoeJThdG/F5oXH2WR6bVqu99btWXYnzt8Z/qSN8O9b0TFZyrOcWvPGmSP06e
    NfRSipANxfvomvyyU9JY9kC94ybgyso/pyRoO9hQAfcUK60aXeAYIEe6wgughRaR
    aK0ZHvCJnDw62+E34smtYgsfqjIn+bpoLphuAE8qclHaz/xjG3f75b7/UUiJWjCJ
    u1EfQOlVAoGBAOf3sFcakgn2jhoHkbwVQL3ku1JiD8ajS6vVfBMwgwlRTFgiLdIj
    +7hLu11zCJWLMbJ6p6W/h/l4CfiWKsyhjnmrAeQ6CNkP9exz8M5CkcWRDthvslPh
    4TG2etWhPCjbyyNFlbTDdc2n96Up7h2QNw1p/+C6jXktK6RkSxQdBf6PAoGBAMv7
    uZiDc2jdlwiPkD5k4cawKTNxIamA8NrrlWRBMdWuNsNSE5Fmt9DQ3ryvDGhvdhdo
    fRTjiHzm/un7YQBPtHJg98E932C4dlxqPvmLZE5RrGa+A57pyu1tfj9QIcyge9XC
    ryUD8qzLNpMBkyIeQv35pjXtlZemMGOuFzl+yEQvAoGAXfsD/sZNFKxHtlQKv2D8
    8fKR0jbYnWnbZqr/seadsFC31Z1DYzgg6/IC30GT4MKcR+tZsNWAiZoQsB5nCLEL
    wE+AXK8GlqrYwAvZLDfcR2cV1KqsXT/OtQ1xhsvkS8mA67FtjecC+2dp9gie6Gtd
    YpnniW0LlGSwodHgeS2pGBECgYEArgXATcv/XryFCImqDoD0WRSa4ccnZ7uYP7xy
    RAiWomyxTastBIP0V9KJ48EXPdWxksDSzUpce+p6GVYbaC+Xi2kMlTDa7GISoD8I
    IM75sRNemHyNDDr6o9ogtZUAcNmNLE2eLF8U3rOziHD0fEwC7TfZw/JACBOA/tlb
    +PIfmoMCgYAzF9wndhOa/c3aZDAwI4DyWT5O5hdaJlt2EQU1SLIL31fVJs+Hnasb
    Dcm1FgulF5xzBod6nF/GAPBcc/J8IlRhVhW9GUc+r8mN1jUl+FBvVfmEiSu5dwax
    6kreMnXK4eVgBWIUSkV+QkehWmOMJUoTZe3rFKO28I++W7Ysr+39RQ==
    -----END RSA PRIVATE KEY-----
    Invalid certificate...discarding.
    paste cert in PEM format (end with '.'):
    It's the private key file that seems to be the problem here...?

  • Installing Certificate from Microsoft CA (.pfx) in Cisco Prime Infrastructure 1.2

    Hello,
    we are trying to install certificates from our CA on our Cisco Prime Infrastructure 1.2
    What we get from our colleagues is a file in .pfx format, containing an exportable key and the whole certificate chain.
    On the prime server, using openssl 0.9.8, we exportet the key and converted the file to .pem.
    When trying to install the certificate, we get the following error code:
    prime# ncs key importkey key-nopw.pem newcert.pem repository certificate
    INFO: no staging url defined, using local space.        rval:2
    ERROR: dowload of key-nopw.pem failed.  rval:-200
    Does anyone have an idea what formats can be used for prime ssl certificates and how to install them?
    The official guide has only little information on how to make a csr and install the certificate.
    Best regards,
    Joerg

    I solved the same problem 5min ago.!
    select the device and press syc ..that helped me ...

  • Problem with certificate authentication at wlc 4402

    Hi,
    we have a problem to get a connection from the client to the WLC. 
    we  are using Cisco Aironet 1130 AG and a Cisco 4402 WLC in our network. The certificate service is installed on a Windows 2008 R2 server. We use a standalone Root CA with a Enterprise Sub CA hierarchy. Issueing certificates to clients works fine. The vendor and ca certificates are installed on the WLC and the user have his user certificate. During implementation we used following document: "http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a008093f1b9.shtml#wlc". Instead of Anonymous Bind, we use a service user to read in AD (works fine, too).
    We use the Intel/PRO wireless utility on our Testclient and configured it for EAP-FAST and TLS. We can select the installed certificate in the utility, but when we try to connect, the utility throw the message: "Authentication failed due to an invalid certificate".
    We´ve logged the WLC and thats a part of the logfile (i´ve greyed out all enterprise data):
    *EAP Framework: Jan 18 12:08:21.921: EAP-AUTH-EVENT: Waiting for asynchronous reply from LL
    *LDAP DB Task 1: Jan 18 12:08:21.921: ldapTask [1] received msg 'REQUEST' (2) in state 'IDLE' (1)
    *LDAP DB Task 1: Jan 18 12:08:21.922: LDAP server 1 changed state to INIT
    *LDAP DB Task 1: Jan 18 12:08:21.922: LDAP_OPT_REFERRALS = -1*LDAP DB Task 1: Jan 18 12:08:21.925: LDAP_CLIENT: UID Search (...)))
    *LDAP DB Task 1: Jan 18 12:08:21.926: LDAP_CLIENT: ldap_search_ext_s returns 0 85
    *LDAP DB Task 1: Jan 18 12:08:21.926: LDAP_CLIENT: Returned 2 msgs including 0 references
    *LDAP DB Task 1: Jan 18 12:08:21.926: LDAP_CLIENT: Returned msg 1 type 0x64
    *LDAP DB Task 1: Jan 18 12:08:21.926: LDAP_CLIENT: Received 1 attributes in search entry msg
    *LDAP DB Task 1: Jan 18 12:08:21.927: LDAP_CLIENT: Returned msg 2 type 0x65
    *LDAP DB Task 1: Jan 18 12:08:21.927: LDAP_CLIENT : No matched DN
    *LDAP DB Task 1: Jan 18 12:08:21.927: LDAP_CLIENT : Check result error 0 rc 1013
    *LDAP DB Task 1: Jan 18 12:08:21.927: LDAP_CLIENT: Received no referrals in search result msg
    *LDAP DB Task 1: Jan 18 12:08:21.927: ldapAuthRequest [1] called lcapi_query base="..." (rc = 0 - Success)
    *LDAP DB Task 1: Jan 18 12:08:21.927: LDAP ATTR> dn = CN=... (size 76)
    *LDAP DB Task 1: Jan 18 12:08:21.927: Handling LDAP response Success
    *LDAP DB Task 1: Jan 18 12:08:21.927: 18:3d:a2:0a:ec:bc [Response] Client requested no retries for mobile 18:3D:A2:0A:EC:BC
    *LDAP DB Task 1: Jan 18 12:08:21.927: 18:3d:a2:0a:ec:bc Returning AAA Success for mobile 18:3d:a2:0a:ec:bc
    *LDAP DB Task 1: Jan 18 12:08:21.927: AuthorizationResponse: 0x33a5affc*LDAP DB Task 1: Jan 18 12:08:21.928: LOCAL_AUTH: Found context matching MAC address - 319
    *LDAP DB Task 1: Jan 18 12:08:21.928: LOCAL_AUTH: (EAP:319) User credential callback invoked
    *LDAP DB Task 1: Jan 18 12:08:21.928: LOCAL_AUTH: EAP Unable to find password in credentials. Skipped
    *LDAP DB Task 1: Jan 18 12:08:21.928: LOCAL_AUTH: EAP Unable to find wlan in credentials. Skipped
    *LDAP DB Task 1: Jan 18 12:08:21.928: Authenticated bind : Closing the binded session*LDAP DB Task 1: Jan 18 12:08:21.928: ldapClose [1] called lcapi_close (rc = 0 - Success)
    *LDAP DB Task 1: Jan 18 12:08:21.929: LDAP server 1 changed state to IDLE
    *EAP Framework: Jan 18 12:08:21.930: EAP-EVENT: Received event 'EAP_LL_REPLY' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:21.930: EAP-AUTH-EVENT: Using credential profile name: ...(0x78000041)
    *EAP Framework: Jan 18 12:08:21.930: EAP-AUTH-EVENT: Maximum EAP packet size: 1000
    *EAP Framework: Jan 18 12:08:21.930: EAP-AUTH-EVENT: Sending method new context directive for EAP context 0x78000041
    *EAP Framework: Jan 18 12:08:21.930: EAP-EVENT: Sending method directive 'New Context' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:21.930: eap_fast.c-EVENT: New context (EAP handle = 0x78000041)
    *EAP Framework: Jan 18 12:08:21.931: id_manager.c-AUTH-SM: Got new ID f700000e - id_get
    *EAP Framework: Jan 18 12:08:21.931: eap_fast.c-EVENT: Allocated new EAP-FAST context (handle = 0xF700000E)
    *EAP Framework: Jan 18 12:08:21.931: EAP-AUTH-EVENT: Sending method data for context 0x78000041
    *EAP Framework: Jan 18 12:08:21.931: EAP-EVENT: Sending method directive 'Receive Packet' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:21.931: eap_fast_auth.c-AUTH-EVENT: Process Response (EAP handle = 0x78000041)
    *EAP Framework: Jan 18 12:08:21.931: eap_fast_auth.c-AUTH-EVENT: Received Identity
    *EAP Framework: Jan 18 12:08:21.931: eap_fast_tlv.c-AUTH-EVENT: Adding PAC A-ID TLV (436973636f0000000000000000000000)
    *EAP Framework: Jan 18 12:08:21.931: eap_fast_auth.c-AUTH-EVENT: Sending Start
    *EAP Framework: Jan 18 12:08:21.931: eap_fast_auth.c-AUTH-SM: Changing state: Reset -> Start
    *EAP Framework: Jan 18 12:08:21.931: eap_fast.c:2367: eap-fast tx packet:
    *EAP Framework: Jan 18 12:08:21.931: eap_fast.c:138: Version: 1  Flags:S  Length:0x0014
    *EAP Framework: Jan 18 12:08:21.931: eap_core.c:1422:     Payload:  00040010436973636F00000000000000 ...
    *EAP Framework: Jan 18 12:08:21.931: eap_fast.c-TX-AUTH-PAK:
    *EAP Framework: Jan 18 12:08:21.931: eap_core.c:1484: Code:REQUEST  ID:0x 0  Length:0x001a  Type:FAST
    *EAP Framework: Jan 18 12:08:21.932: eap_core.c:1422:     Payload:  2100040010436973636F000000000000 ...
    *EAP Framework: Jan 18 12:08:21.932: EAP-AUTH-EVENT: EAP method state: Continue
    *EAP Framework: Jan 18 12:08:21.932: EAP-AUTH-EVENT: EAP method decision: Unknown
    *EAP Framework: Jan 18 12:08:21.932: EAP-AUTH-EVENT: Current method = 43
    *EAP Framework: Jan 18 12:08:21.932: EAP-AUTH-EVENT: Sending packet to lower layer for context 0x78000041
    *EAP Framework: Jan 18 12:08:21.932: EAP-AUTH-TX-PAK:
    *EAP Framework: Jan 18 12:08:21.932: eap_core.c:1484: Code:REQUEST  ID:0x 2  Length:0x001a  Type:FAST
    *EAP Framework: Jan 18 12:08:21.932: eap_core.c:1422:     Payload:  2100040010436973636F000000000000 ...
    *EAP Framework: Jan 18 12:08:21.932: EAP-EVENT: Started 'Authenticator Retransmit' timer (60) for EAP session handle 0x78000041
    *EAP Framework: Jan 18 12:08:21.932: EAP-EVENT: Started EAP tick timer
    *EAP Framework: Jan 18 12:08:21.932: EAP-EVENT: Sending lower layer event 'EAP_TX_PACKET' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:21.932: LOCAL_AUTH: Found matching context for id - 319
    *EAP Framework: Jan 18 12:08:21.932: LOCAL_AUTH: (EAP:319) transmit event
    *EAP Framework: Jan 18 12:08:21.932: AuthorizationResponse: 0x13c713fc*EAP Framework: Jan 18 12:08:21.934: LOCAL_AUTH: AAA LOCAL AUTH EAP PKT AVP attribute 4f length 1a
    *EAP Framework: Jan 18 12:08:21.934: LOCAL_AUTH: AAA LOCAL AUTH TX PKT DUMP code cc id 00 type 2b
    *aaaQueueReader: Jan 18 12:08:22.290: LOCAL_AUTH: EAP: Received an auth request
    *aaaQueueReader: Jan 18 12:08:22.290: LOCAL_AUTH: Found context matching MAC address - 319
    *aaaQueueReader: Jan 18 12:08:22.290: LOCAL_AUTH: (EAP:319) Sending the Rxd EAP packet (id 2) to EAP subsys
    *EAP Framework: Jan 18 12:08:22.291: EAP-EVENT: Received event 'EAP_RX_PACKET' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.291: EAP-AUTH-RX-PAK:
    *EAP Framework: Jan 18 12:08:22.291: eap_core.c:1484: Code:RESPONSE  ID:0x 2  Length:0x0042  Type:FAST
    *EAP Framework: Jan 18 12:08:22.291: eap_core.c:1422:     Payload:  810000003816030100330100002F0301 ...
    *EAP Framework: Jan 18 12:08:22.291: EAP-EVENT: Stopping 'Authenticator Retransmit' timer for EAP session handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.291: EAP-AUTH-EVENT: EAP Response received by context 0x78000041
    *EAP Framework: Jan 18 12:08:22.291: EAP-AUTH-EVENT: EAP Response type = Method (43)
    *EAP Framework: Jan 18 12:08:22.291: EAP-AUTH-EVENT: Sending method data for context 0x78000041
    *EAP Framework: Jan 18 12:08:22.292: EAP-EVENT: Sending method directive 'Receive Packet' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.292: eap_fast.c-AUTH-EVENT: Process Response, type: 0x2b
    *EAP Framework: Jan 18 12:08:22.292: eap_fast_auth.c-AUTH-EVENT: Process Response (EAP handle = 0x78000041)
    *EAP Framework: Jan 18 12:08:22.292: eap_fast_auth.c-RX-AUTH-PAK:
    *EAP Framework: Jan 18 12:08:22.292: eap_core.c:1484: Code:RESPONSE  ID:0x 2  Length:0x0042  Type:FAST
    *EAP Framework: Jan 18 12:08:22.292: eap_core.c:1422:     Payload:  810000003816030100330100002F0301 ...
    *EAP Framework: Jan 18 12:08:22.292: eap_fast_auth.c-AUTH-EVENT: Received TLS record type: Handshake in state: Start
    *EAP
    Framework: Jan 18 12:08:22.292: EAP-EVENT: Sending lower layer event
    'EAP_GET_CREDENTIAL_PROFILE_FROM_PROFILE_NAME' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.292: LOCAL_AUTH: Found matching context for id - 319
    *EAP
    Framework: Jan 18 12:08:22.292: LOCAL_AUTH: (EAP:319) Returning profile
    *EAP Framework: Jan 18 12:08:22.293: IOS_PKI_SHIM: [StartSession] - New session 0x335ee108 started (TP = 'vendor')
    *EAP Framework: Jan 18 12:08:22.293: IOS_PKI_SHIM: [StartSession] - Trustpoint identity (cert) set to 'Vendor'
    *EAP
    Framework: Jan 18 12:08:22.297: IOS_PKI_SHIM: [ID-CERT] Subject : ...
    *EAP Framework: Jan 18
    12:08:22.297: IOS_PKI_SHIM: [ID-CERT] Issuer : ...
    *EAP Framework: Jan 18
    12:08:22.297: IOS_PKI_SHIM: [ID-CERT] Valid from '2012 Jan 12th,
    17:06:50 GMT' to '2016 Jan 11th, 17:06:50 GMT'
    *EAP Framework: Jan 18 12:08:22.297: IOS_PKI_SHIM: [ID-CERT] Is not a CA cert
    *EAP Framework: Jan 18 12:08:22.297: IOS_PKI_SHIM: Added cert (type 1) to chain (1 present on chain)
    *EAP
    Framework: Jan 18 12:08:22.300: IOS_PKI_SHIM: [CA-CERT] Subject :
    *EAP Framework: Jan 18 12:08:22.301: IOS_PKI_SHIM: [CA-CERT] Issuer : CN=...
    *EAP
    Framework: Jan 18 12:08:22.301: IOS_PKI_SHIM: [CA-CERT] Valid from
    '2012 Jan 12th, 16:54:49 GMT' to '2020 Jan 12th, 17:04:49 GMT'
    *EAP Framework: Jan 18 12:08:22.301: IOS_PKI_SHIM: [CA-CERT] Is a CA cert
    *EAP Framework: Jan 18 12:08:22.301: IOS_PKI_SHIM: Added cert (type 2) to chain (2 present on chain)
    *EAP Framework: Jan 18 12:08:22.301: IOS_PKI_SHIM: [StartSession] - Getting older style priv key
    *EAP Framework: Jan 18 12:08:22.338: IOS_PKI_SHIM: Session 0x335ee108 init'd OK
    *EAP Framework: Jan 18 12:08:22.338: eap_fast_auth.c-AUTH-EVENT: Local certificate found
    *EAP Framework: Jan 18 12:08:22.339: eap_fast_auth.c-AUTH-EVENT: Reading Client Hello handshake
    *EAP Framework: Jan 18 12:08:22.339: eap_fast.c:286: EAP-FAST-AUTH-RX-TLS-RECORD:
    *EAP Framework: Jan 18 12:08:22.339: eap_fast.c:255: Content:Handshake  Version:0301  Length:0x0033
    *EAP Framework: Jan 18 12:08:22.339: eap_core.c:1422:     Payload:  0100002F03014F16A8262631FC9DC042 ...
    *EAP Framework: Jan 18 12:08:22.340: eap_fast.c:202: Handshake type:Client Hello  Length:0x002F
    *EAP Framework: Jan 18 12:08:22.340: eap_core.c:1422:     Payload:  03014F16A8262631FC9DC042253D3E24 ...
    *EAP Framework: Jan 18 12:08:22.340: eap_fast_auth.c-AUTH-EVENT: TLS_RSA_WITH_AES_128 proposed...
    *EAP Framework: Jan 18 12:08:22.341: eap_fast_auth.c-AUTH-EVENT: TLS_DHE_RSA_WITH_AES_128_CBC_SHA proposed...
    *EAP Framework: Jan 18 12:08:22.341: eap_fast_auth.c-AUTH-EVENT: TLS_RSA_WITH_RC4_128 proposed...
    *EAP Framework: Jan 18 12:08:22.341: eap_fast_auth.c-AUTH-EVENT: TLS_DH_anon_WITH_AES_128_CBC_SHA proposed...
    *EAP Framework: Jan 18 12:08:22.342: eap_fast.c-EVENT: Proposed ciphersuite(s):
    *EAP Framework: Jan 18 12:08:22.342: eap_fast.c-EVENT:     TLS_RSA_WITH_AES_128_CBC_SHA
    *EAP Framework: Jan 18 12:08:22.342: eap_fast.c-EVENT:     TLS_DHE_RSA_WITH_AES_128_CBC_SHA
    *EAP Framework: Jan 18 12:08:22.342: eap_fast.c-EVENT:     TLS_RSA_WITH_RC4_128_SHA
    *EAP Framework: Jan 18 12:08:22.343: eap_fast.c-EVENT:     TLS_DH_anon_WITH_AES_128_CBC_SHA
    *EAP Framework: Jan 18 12:08:22.343: eap_fast.c-EVENT: Selected ciphersuite:
    *EAP Framework: Jan 18 12:08:22.343: eap_fast.c-EVENT:     TLS_DHE_RSA_WITH_AES_128_CBC_SHA
    *EAP Framework: Jan 18 12:08:22.343: eap_fast_auth.c-AUTH-EVENT: Building Provisioning Server Hello
    *EAP Framework: Jan 18 12:08:22.344: eap_fast.c:286: EAP-FAST-AUTH-TX-TLS-RECORD:
    *EAP Framework: Jan 18 12:08:22.344: eap_fast.c:255: Content:Handshake  Version:0301  Length:0x002A
    *EAP Framework: Jan 18 12:08:22.344: eap_core.c:1422:     Payload:  0200002603015F3325EADF12E6296F91 ...
    *EAP Framework: Jan 18 12:08:22.344: eap_fast.c:202: Handshake type:Server Hello  Length:0x0026
    *EAP Framework: Jan 18 12:08:22.345: eap_core.c:1422:     Payload:  03015F3325EADF12E6296F91530FE67F ...
    *EAP Framework: Jan 18 12:08:22.345: eap_fast.c:286: EAP-FAST-AUTH-TX-TLS-RECORD:
    *EAP Framework: Jan 18 12:08:22.345: eap_fast.c:255: Content:Handshake  Version:0301  Length:0x0B54
    *EAP Framework: Jan 18 12:08:22.346: eap_core.c:1422:     Payload:  0B000B50000B4D00059F3082059B3082 ...
    *EAP Framework: Jan 18 12:08:22.346: eap_fast.c:202: Handshake type:Certificate  Length:0x0B50
    *EAP Framework: Jan 18 12:08:22.346: eap_core.c:1422:     Payload:  000B4D00059F3082059B30820483A003 ...
    *EAP Framework: Jan 18 12:08:22.347: eap_fast_crypto.c-EVENT: Starting Diffie Hellman phase 1 ...
    *EAP Framework: Jan 18 12:08:22.661: eap_fast_crypto.c-EVENT: Diffie Hellman phase 1 complete
    *EAP Framework: Jan 18 12:08:22.677: IOS_PKI_SHIM: PKI_SignMessage PostHashEncrypt ret SUCCESS.. op_len 128
    *EAP Framework: Jan 18 12:08:22.678: eap_fast_auth.c-AUTH-EVENT: DH signature length = 128
    *EAP Framework: Jan 18 12:08:22.678: eap_fast.c:286: EAP-FAST-AUTH-TX-TLS-RECORD:
    *EAP Framework: Jan 18 12:08:22.678: eap_fast.c:255: Content:Handshake  Version:0301  Length:0x028D
    *EAP Framework: Jan 18 12:08:22.679: eap_core.c:1422:     Payload:  0C0002890100FFFFFFFFFFFFFFFFC90F ...
    *EAP Framework: Jan 18 12:08:22.679: eap_fast.c:202: Handshake type:Server Key Exchange  Length:0x0289
    *EAP Framework: Jan 18 12:08:22.679: eap_core.c:1422:     Payload:  0100FFFFFFFFFFFFFFFFC90FDAA22168 ...
    *EAP Framework: Jan 18 12:08:22.679: eap_fast.c:286: EAP-FAST-AUTH-TX-TLS-RECORD:
    *EAP Framework: Jan 18 12:08:22.680: eap_fast.c:255: Content:Handshake  Version:0301  Length:0x000B
    *EAP Framework: Jan 18 12:08:22.680: eap_core.c:1422:     Payload:  0D00000704030401020000
    *EAP Framework: Jan 18 12:08:22.680: eap_fast.c:202: Handshake type:Certificate Request  Length:0x0007
    *EAP Framework: Jan 18 12:08:22.680: eap_core.c:1422:     Payload:  04030401020000
    *EAP Framework: Jan 18 12:08:22.681: eap_fast.c:286: EAP-FAST-AUTH-TX-TLS-RECORD:
    *EAP Framework: Jan 18 12:08:22.681: eap_fast.c:255: Content:Handshake  Version:0301  Length:0x0004
    *EAP Framework: Jan 18 12:08:22.681: eap_core.c:1422:     Payload:  0E000000
    *EAP Framework: Jan 18 12:08:22.681: eap_fast.c:202: Handshake type:Server Done  Length:0x0000
    *EAP Framework: Jan 18 12:08:22.682: eap_fast_auth.c-AUTH-EVENT: Sending Provisioning Serving Hello
    *EAP Framework: Jan 18 12:08:22.682: eap_fast_auth.c-AUTH-SM: Changing state: Start -> Sent provisioning Server Hello
    *EAP Framework: Jan 18 12:08:22.682: eap_fast.c-EVENT: Tx packet fragmentation required
    *EAP Framework: Jan 18 12:08:22.683: eap_fast.c:2367: eap-fast tx packet:
    *EAP Framework: Jan 18 12:08:22.683: eap_fast.c:138: Version: 1  Flags:LM  Length:0x03DE
    *EAP Framework: Jan 18 12:08:22.683: eap_core.c:1422:     Payload:  160301002A0200002603015F3325EADF ...
    *EAP Framework: Jan 18 12:08:22.684: eap_fast.c-TX-AUTH-PAK:
    *EAP Framework: Jan 18 12:08:22.684: eap_core.c:1484: Code:REQUEST  ID:0x 0  Length:0x03e8  Type:FAST
    *EAP Framework: Jan 18 12:08:22.684: eap_core.c:1422:     Payload:  C100000E33160301002A020000260301 ...
    *EAP Framework: Jan 18 12:08:22.684: EAP-AUTH-EVENT: EAP method state: Continue
    *EAP Framework: Jan 18 12:08:22.685: EAP-AUTH-EVENT: EAP method decision: Unknown
    *EAP Framework: Jan 18 12:08:22.685: EAP-AUTH-EVENT: Current method = 43
    *EAP Framework: Jan 18 12:08:22.685: EAP-AUTH-EVENT: Sending packet to lower layer for context 0x78000041
    *EAP Framework: Jan 18 12:08:22.685: EAP-AUTH-TX-PAK:
    *EAP Framework: Jan 18 12:08:22.685: eap_core.c:1484: Code:REQUEST  ID:0x 3  Length:0x03e8  Type:FAST
    *EAP Framework: Jan 18 12:08:22.686: eap_core.c:1422:     Payload:  C100000E33160301002A020000260301 ...
    *EAP Framework: Jan 18 12:08:22.686: EAP-EVENT: Started 'Authenticator Retransmit' timer (60) for EAP session handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.686: EAP-EVENT: Started EAP tick timer
    *EAP Framework: Jan 18 12:08:22.686: EAP-EVENT: Sending lower layer event 'EAP_TX_PACKET' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.686: LOCAL_AUTH: Found matching context for id - 319
    *EAP Framework: Jan 18 12:08:22.687: LOCAL_AUTH: (EAP:319) transmit event
    *EAP Framework: Jan 18 12:08:22.687: AuthorizationResponse: 0x13c713fc*EAP Framework: Jan 18 12:08:22.755: LOCAL_AUTH: AAA LOCAL AUTH EAP PKT AVP attribute 4f length 297
    *EAP Framework: Jan 18 12:08:22.755: LOCAL_AUTH: AAA LOCAL AUTH TX PKT DUMP code cc id 00 type 2b
    *aaaQueueReader: Jan 18 12:08:22.830: LOCAL_AUTH: EAP: Received an auth request
    *aaaQueueReader: Jan 18 12:08:22.830: LOCAL_AUTH: Found context matching MAC address - 319
    *aaaQueueReader: Jan 18 12:08:22.830: LOCAL_AUTH: (EAP:319) Sending the Rxd EAP packet (id 6) to EAP subsys
    *EAP Framework: Jan 18 12:08:22.831: EAP-EVENT: Received event 'EAP_RX_PACKET' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.831: EAP-AUTH-RX-PAK:
    *EAP Framework: Jan 18 12:08:22.831: eap_core.c:1484: Code:RESPONSE  ID:0x 6  Length:0x015c  Type:FAST
    *EAP Framework: Jan 18 12:08:22.831: eap_core.c:1422:     Payload:  810000015216030100070B0000030000 ...
    *EAP Framework: Jan 18 12:08:22.831: EAP-EVENT: Stopping 'Authenticator Retransmit' timer for EAP session handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.831: EAP-AUTH-EVENT: EAP Response received by context 0x78000041
    *EAP Framework: Jan 18 12:08:22.832: EAP-AUTH-EVENT: EAP Response type = Method (43)
    *EAP Framework: Jan 18 12:08:22.832: EAP-AUTH-EVENT: Sending method data for context 0x78000041
    *EAP Framework: Jan 18 12:08:22.832: EAP-EVENT: Sending method directive 'Receive Packet' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.832: eap_fast.c-AUTH-EVENT: Process Response, type: 0x2b
    *EAP Framework: Jan 18 12:08:22.832: eap_fast_auth.c-AUTH-EVENT: Process Response (EAP handle = 0x78000041)
    *EAP Framework: Jan 18 12:08:22.832: eap_fast_auth.c-RX-AUTH-PAK:
    *EAP Framework: Jan 18 12:08:22.832: eap_core.c:1484: Code:RESPONSE  ID:0x 6  Length:0x015c  Type:FAST
    *EAP Framework: Jan 18 12:08:22.832: eap_core.c:1422:     Payload:  810000015216030100070B0000030000 ...
    *EAP
    Framework: Jan 18 12:08:22.832: eap_fast_auth.c-AUTH-EVENT: Received
    TLS record type: Handshake in state: Sent provisioning Server Hello
    *EAP Framework: Jan 18 12:08:22.832: eap_fast_auth.c-AUTH-EVENT: Reading Client Certificate handshake
    *EAP Framework: Jan 18 12:08:22.832: eap_fast.c:286: EAP-FAST-AUTH-RX-TLS-RECORD:
    *EAP Framework: Jan 18 12:08:22.832: eap_fast.c:255: Content:Handshake  Version:0301  Length:0x0007
    *EAP Framework: Jan 18 12:08:22.832: eap_core.c:1422:     Payload:  0B000003000000
    *EAP Framework: Jan 18 12:08:22.832: eap_fast.c:202: Handshake type:Certificate  Length:0x0003
    *EAP Framework: Jan 18 12:08:22.832: eap_core.c:1422:     Payload:  000000
    *EAP Framework: Jan 18 12:08:22.833: eap_fast.c-EVENT: Client Certificate handshake empty
    *EAP Framework: Jan 18 12:08:22.833: eap_fast_auth.c-AUTH-EVENT: Rx'd I-ID: "EAP-FAST I-ID" from Peer Cert
    *EAP Framework: Jan 18 12:08:22.833: eap_fast_auth.c-AUTH-ERROR: Required cert not provided by client
    *EAP Framework: Jan 18 12:08:22.833: eap_fast.c:286: EAP-FAST-AUTH-TX-TLS-RECORD:
    *EAP Framework: Jan 18 12:08:22.833: eap_fast.c:255: Content:Alert  Version:0301  Length:0x0002
    *EAP Framework: Jan 18 12:08:22.833: eap_core.c:1422:     Payload:  0228
    *EAP Framework: Jan 18 12:08:22.833: eap_fast_auth.c-AUTH-SM: Changing state: Sent provisioning Server Hello -> Alert
    *EAP Framework: Jan 18 12:08:22.833: eap_fast.c:2367: eap-fast tx packet:
    *EAP Framework: Jan 18 12:08:22.833: eap_fast.c:138: Version: 1  Flags:L  Length:0x0007
    *EAP Framework: Jan 18 12:08:22.833: eap_core.c:1422:     Payload:  15030100020228
    *EAP Framework: Jan 18 12:08:22.833: eap_fast.c-TX-AUTH-PAK:
    *EAP Framework: Jan 18 12:08:22.833: eap_core.c:1484: Code:REQUEST  ID:0x 0  Length:0x0011  Type:FAST
    *EAP Framework: Jan 18 12:08:22.833: eap_core.c:1422:     Payload:  810000000715030100020228
    *EAP Framework: Jan 18 12:08:22.833: EAP-AUTH-EVENT: EAP method state: Continue
    *EAP Framework: Jan 18 12:08:22.834: EAP-AUTH-EVENT: EAP method decision: Fail
    *EAP Framework: Jan 18 12:08:22.834: EAP-AUTH-EVENT: Current method = 43
    *EAP Framework: Jan 18 12:08:22.834: EAP-AUTH-EVENT: Sending packet to lower layer for context 0x78000041
    *EAP Framework: Jan 18 12:08:22.834: EAP-AUTH-TX-PAK:
    *EAP Framework: Jan 18 12:08:22.834: eap_core.c:1484: Code:REQUEST  ID:0x 7  Length:0x0011  Type:FAST
    *EAP Framework: Jan 18 12:08:22.834: eap_core.c:1422:     Payload:  810000000715030100020228
    *EAP Framework: Jan 18 12:08:22.834: EAP-EVENT: Started 'Authenticator Retransmit' timer (60) for EAP session handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.834: EAP-EVENT: Started EAP tick timer
    *EAP Framework: Jan 18 12:08:22.834: EAP-EVENT: Sending lower layer event 'EAP_TX_PACKET' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.834: LOCAL_AUTH: Found matching context for id - 319
    *EAP Framework: Jan 18 12:08:22.834: LOCAL_AUTH: (EAP:319) transmit event
    *EAP Framework: Jan 18 12:08:22.834: AuthorizationResponse: 0x13c713fc
    We think that the reason why it didn´t work, is the part:
    *EAP Framework: Jan 18 12:08:22.833: eap_fast.c-EVENT: Client Certificate handshake empty
    *EAP Framework: Jan 18 12:08:22.833: eap_fast_auth.c-AUTH-EVENT: Rx'd I-ID: "EAP-FAST I-ID" from Peer Cert
    *EAP Framework: Jan 18 12:08:22.833: eap_fast_auth.c-AUTH-ERROR: Required cert not provided by client
    But we aren´t sure.
    Maybe anyone can help us. Many thanks in advance.
    =~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2012.01.18 12:08:18 =~=~=~=~=~=~=~=~=~=~=~=
    debug aaa all disable                     debug aaa all enable(Cisco Controller) >*Dot1x_NW_MsgTask_0: Jan 18 12:08:21.917: 18:3d:a2:0a:ec:bc Audit Session ID added to the mscb: 0a63081e000000994f16a825
    *Dot1x_NW_MsgTask_0: Jan 18 12:08:21.917: Creating audit session ID (dot1x_aaa_eapresp_supp) and Radius Request
    *aaaQueueReader: Jan 18 12:08:21.917: AuthenticationRequest: 0x30b52e90
    *aaaQueueReader: Jan 18 12:08:21.917: Callback.....................................0x10b7803c*aaaQueueReader: Jan 18 12:08:21.917: protocolType.................................0x00140001*aaaQueueReader: Jan 18 12:08:21.917: proxyState...................................18:3D:A2:0A:EC:BC-02:00*aaaQueueReader: Jan 18 12:08:21.917: Packet contains 16 AVPs (not shown)*aaaQueueReader: Jan 18 12:08:21.917: 18:3d:a2:0a:ec:bc [Error] Client requested no retries for mobile 18:3D:A2:0A:EC:BC
    *aaaQueueReader: Jan 18 12:08:21.918: 18:3d:a2:0a:ec:bc Returning AAA Error 'No Server' (-7) for mobile 18:3d:a2:0a:ec:bc
    *aaaQueueReader: Jan 18 12:08:21.918: AuthorizationResponse: 0x3e04bd08
    *aaaQueueReader: Jan 18 12:08:21.918: structureSize................................32*aaaQueueReader: Jan 18 12:08:21.918: resultCode...................................-7*aaaQueueReader: Jan 18 12:08:21.918: protocolUsed.................................0xffffffff*aaaQueueReader: Jan 18 12:08:21.918: proxyState...................................18:3D:A2:0A:EC:BC-02:00*aaaQueueReader: Jan 18 12:08:21.918: Packet contains 0 AVPs:*aaaQueueReader: Jan 18 12:08:21.918: LOCAL_AUTH: EAP: Received an auth request
    *aaaQueueReader: Jan 18 12:08:21.918: LOCAL_AUTH: Creating new context
    *aaaQueueReader: Jan 18 12:08:21.918: EAP-EVENT: Received context create from lower layer (0x0000013F)
    *aaaQueueReader: Jan 18 12:08:21.918: id_manager.c-AUTH-SM: Got new ID 78000041 - id_get
    *aaaQueueReader: Jan 18 12:08:21.918: EAP-EVENT: Received credential profile name: "(null)" from LL
    *aaaQueueReader: Jan 18 12:08:21.918: EAP-EVENT: Allocated new EAP context (handle = 0x78000041)
    *aaaQueueReader: Jan 18 12:08:21.919: LOCAL_AUTH: Created new context eap session handle 78000041
    *aaaQueueReader: Jan 18 12:08:21.919: LOCAL_AUTH: (EAP:319) Sending the Rxd EAP packet (id 1) to EAP subsys
    *EAP Framework: Jan 18 12:08:21.919: EAP-EVENT: Received event 'EAP_RX_PACKET' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:21.920: EAP-AUTH-RX-PAK:
    *EAP Framework: Jan 18 12:08:21.920: eap_core.c:1484: Code:RESPONSE  ID:0x 1  Length:0x002b  Type:IDENTITY
    *EAP Framework: Jan 18 12:08:21.920: eap_core.c:1422:     Payload:  416E6472652E54736368656E74736368 ...
    *EAP Framework: Jan 18 12:08:21.920: EAP-AUTH-EVENT: EAP Response received by context 0x78000041
    *EAP Framework: Jan 18 12:08:21.920: EAP-AUTH-EVENT: EAP Response type = Identity
    *EAP Framework: Jan 18 12:08:21.920: EAP-AUTH-EVENT: Received peer identity: [email protected]
    *EAP Framework: Jan 18 12:08:21.920: EAP-EVENT: Sending lower layer event 'EAP_GET_CREDENTIAL_PROFILE_FROM_USERNAME' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:21.920: LOCAL_AUTH: Found matching context for id - 319
    *EAP Framework: Jan 18 12:08:21.921: LOCAL_AUTH: (EAP) Sending user credential request username '[email protected]' to LDAP
    *aaaQueueReader: Jan 18 12:08:21.921: AuthenticationRequest: 0x33a6ae18
    *aaaQueueReader: Jan 18 12:08:21.921: Callback.....................................0x10765234*aaaQueueReader: Jan 18 12:08:21.921: protocolType.................................0x00100002*aaaQueueReader: Jan 18 12:08:21.921: proxyState...................................18:3D:A2:0A:EC:BC-00:00*aaaQueueReader: Jan 18 12:08:21.921: Packet contains 2 AVPs (not shown)*EAP Framework: Jan 18 12:08:21.921: EAP-AUTH-EVENT: Waiting for asynchronous reply from LL
    *LDAP DB Task 1: Jan 18 12:08:21.921: ldapTask [1] received msg 'REQUEST' (2) in state 'IDLE' (1)
    *LDAP DB Task 1: Jan 18 12:08:21.922: LDAP server 1 changed state to INIT
    *LDAP DB Task 1: Jan 18 12:08:21.922: LDAP_OPT_REFERRALS = -1*LDAP DB Task 1: Jan 18 12:08:21.922: ldapInitAndBind [1] called lcapi_init (rc = 0 - Success)
    *LDAP DB Task 1: Jan 18 12:08:21.925: ldapInitAndBind [1] configured Method Authenticated lcapi_bind (rc = 0 - Success)
    *LDAP DB Task 1: Jan 18 12:08:21.925: LDAP server 1 changed state to CONNECTED
    *LDAP DB Task 1: Jan 18 12:08:21.925: disabled LDAP_OPT_REFERRALS*LDAP DB Task 1: Jan 18 12:08:21.925: LDAP_CLIENT: UID Search (base=DC=group,DC=jenoptik,DC=corp, pattern=(&(objectclass=Person)([email protected])))
    *LDAP DB Task 1: Jan 18 12:08:21.926: LDAP_CLIENT: ldap_search_ext_s returns 0 85
    *LDAP DB Task 1: Jan 18 12:08:21.926: LDAP_CLIENT: Returned 2 msgs including 0 references
    *LDAP DB Task 1: Jan 18 12:08:21.926: LDAP_CLIENT: Returned msg 1 type 0x64
    *LDAP DB Task 1: Jan 18 12:08:21.926: LDAP_CLIENT: Received 1 attributes in search entry msg
    *LDAP DB Task 1: Jan 18 12:08:21.927: LDAP_CLIENT: Returned msg 2 type 0x65
    *LDAP DB Task 1: Jan 18 12:08:21.927: LDAP_CLIENT : No matched DN
    *LDAP DB Task 1: Jan 18 12:08:21.927: LDAP_CLIENT : Check result error 0 rc 1013
    *LDAP DB Task 1: Jan 18 12:08:21.927: LDAP_CLIENT: Received no referrals in search result msg
    *LDAP DB Task 1: Jan 18 12:08:21.927: ldapAuthRequest [1] called lcapi_query base="DC=group,DC=jenoptik,DC=corp" type="Person" attr="userPrincipalName" user="[email protected]" (rc = 0 - Success)
    *LDAP DB Task 1: Jan 18 12:08:21.927: LDAP ATTR> dn = CN=Tschentscher\, Andre,OU=Users,OU=SSC,OU=JOAG,DC=group,DC=jenoptik,DC=corp (size 76)
    *LDAP DB Task 1: Jan 18 12:08:21.927: Handling LDAP response Success
    *LDAP DB Task 1: Jan 18 12:08:21.927: 18:3d:a2:0a:ec:bc [Response] Client requested no retries for mobile 18:3D:A2:0A:EC:BC
    *LDAP DB Task 1: Jan 18 12:08:21.927: 18:3d:a2:0a:ec:bc Returning AAA Success for mobile 18:3d:a2:0a:ec:bc
    *LDAP DB Task 1: Jan 18 12:08:21.927: AuthorizationResponse: 0x33a5affc
    *LDAP DB Task 1: Jan 18 12:08:21.927: structureSize................................180*LDAP DB Task 1: Jan 18 12:08:21.927: resultCode...................................0*LDAP DB Task 1: Jan 18 12:08:21.927: protocolUsed.................................0x00000002*LDAP DB Task 1: Jan 18 12:08:21.927: proxyState...................................18:3D:A2:0A:EC:BC-00:00*LDAP DB Task 1: Jan 18 12:08:21.928: Packet contains 2 AVPs:*LDAP DB Task 1: Jan 18 12:08:21.928:     AVP[01] Unknown Attribute 0......................CN=Tschentscher\, Andre,OU=Users,OU=SSC,OU=JOAG,DC=group,DC=jenoptik,DC=corp (76 bytes)*LDAP DB Task 1: Jan 18 12:08:21.928:     AVP[02] User-Name................................Andre.Tschentscher@group.jenoptik.corp (38 bytes)*LDAP DB Task 1: Jan 18 12:08:21.928: LOCAL_AUTH: Found context matching MAC address - 319
    *LDAP DB Task 1: Jan 18 12:08:21.928: LOCAL_AUTH: (EAP:319) User credential callback invoked
    *LDAP DB Task 1: Jan 18 12:08:21.928: LOCAL_AUTH: EAP Unable to find password in credentials. Skipped
    *LDAP DB Task 1: Jan 18 12:08:21.928: LOCAL_AUTH: EAP Unable to find wlan in credentials. Skipped
    *LDAP DB Task 1: Jan 18 12:08:21.928: Authenticated bind : Closing the binded session*LDAP DB Task 1: Jan 18 12:08:21.928: ldapClose [1] called lcapi_close (rc = 0 - Success)
    *LDAP DB Task 1: Jan 18 12:08:21.929: LDAP server 1 changed state to IDLE
    *EAP Framework: Jan 18 12:08:21.930: EAP-EVENT: Received event 'EAP_LL_REPLY' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:21.930: EAP-AUTH-EVENT: Using credential profile name: [email protected] (0x78000041)
    *EAP Framework: Jan 18 12:08:21.930: EAP-AUTH-EVENT: Maximum EAP packet size: 1000
    *EAP Framework: Jan 18 12:08:21.930: EAP-AUTH-EVENT: Sending method new context directive for EAP context 0x78000041
    *EAP Framework: Jan 18 12:08:21.930: EAP-EVENT: Sending method directive 'New Context' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:21.930: eap_fast.c-EVENT: New context (EAP handle = 0x78000041)
    *EAP Framework: Jan 18 12:08:21.931: id_manager.c-AUTH-SM: Got new ID f700000e - id_get
    *EAP Framework: Jan 18 12:08:21.931: eap_fast.c-EVENT: Allocated new EAP-FAST context (handle = 0xF700000E)
    *EAP Framework: Jan 18 12:08:21.931: EAP-AUTH-EVENT: Sending method data for context 0x78000041
    *EAP Framework: Jan 18 12:08:21.931: EAP-EVENT: Sending method directive 'Receive Packet' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:21.931: eap_fast_auth.c-AUTH-EVENT: Process Response (EAP handle = 0x78000041)
    *EAP Framework: Jan 18 12:08:21.931: eap_fast_auth.c-AUTH-EVENT: Received Identity
    *EAP Framework: Jan 18 12:08:21.931: eap_fast_tlv.c-AUTH-EVENT: Adding PAC A-ID TLV (436973636f0000000000000000000000)
    *EAP Framework: Jan 18 12:08:21.931: eap_fast_auth.c-AUTH-EVENT: Sending Start
    *EAP Framework: Jan 18 12:08:21.931: eap_fast_auth.c-AUTH-SM: Changing state: Reset -> Start
    *EAP Framework: Jan 18 12:08:21.931: eap_fast.c:2367: eap-fast tx packet:
    *EAP Framework: Jan 18 12:08:21.931: eap_fast.c:138: Version: 1  Flags:S  Length:0x0014
    *EAP Framework: Jan 18 12:08:21.931: eap_core.c:1422:     Payload:  00040010436973636F00000000000000 ...
    *EAP Framework: Jan 18 12:08:21.931: eap_fast.c-TX-AUTH-PAK:
    *EAP Framework: Jan 18 12:08:21.931: eap_core.c:1484: Code:REQUEST  ID:0x 0  Length:0x001a  Type:FAST
    *EAP Framework: Jan 18 12:08:21.932: eap_core.c:1422:     Payload:  2100040010436973636F000000000000 ...
    *EAP Framework: Jan 18 12:08:21.932: EAP-AUTH-EVENT: EAP method state: Continue
    *EAP Framework: Jan 18 12:08:21.932: EAP-AUTH-EVENT: EAP method decision: Unknown
    *EAP Framework: Jan 18 12:08:21.932: EAP-AUTH-EVENT: Current method = 43
    *EAP Framework: Jan 18 12:08:21.932: EAP-AUTH-EVENT: Sending packet to lower layer for context 0x78000041
    *EAP Framework: Jan 18 12:08:21.932: EAP-AUTH-TX-PAK:
    *EAP Framework: Jan 18 12:08:21.932: eap_core.c:1484: Code:REQUEST  ID:0x 2  Length:0x001a  Type:FAST
    *EAP Framework: Jan 18 12:08:21.932: eap_core.c:1422:     Payload:  2100040010436973636F000000000000 ...
    *EAP Framework: Jan 18 12:08:21.932: EAP-EVENT: Started 'Authenticator Retransmit' timer (60) for EAP session handle 0x78000041
    *EAP Framework: Jan 18 12:08:21.932: EAP-EVENT: Started EAP tick timer
    *EAP Framework: Jan 18 12:08:21.932: EAP-EVENT: Sending lower layer event 'EAP_TX_PACKET' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:21.932: LOCAL_AUTH: Found matching context for id - 319
    *EAP Framework: Jan 18 12:08:21.932: LOCAL_AUTH: (EAP:319) transmit event
    *EAP Framework: Jan 18 12:08:21.932: AuthorizationResponse: 0x13c713fc
    *EAP Framework: Jan 18 12:08:21.933: structureSize................................74*EAP Framework: Jan 18 12:08:21.933: resultCode...................................255*EAP Framework: Jan 18 12:08:21.933: protocolUsed.................................0x00000080*EAP Framework: Jan 18 12:08:21.933: proxyState...................................18:3D:A2:0A:EC:BC-02:00*EAP Framework: Jan 18 12:08:21.934: Packet contains 1 AVPs (not shown)*EAP Framework: Jan 18 12:08:21.934: LOCAL_AUTH: AAA LOCAL AUTH EAP PKT AVP attribute 4f length 1a
    *EAP Framework: Jan 18 12:08:21.934: LOCAL_AUTH: AAA LOCAL AUTH TX PKT DUMP code cc id 00 type 2b
    *aaaQueueReader: Jan 18 12:08:22.290: LOCAL_AUTH: EAP: Received an auth request
    *aaaQueueReader: Jan 18 12:08:22.290: LOCAL_AUTH: Found context matching MAC address - 319
    *aaaQueueReader: Jan 18 12:08:22.290: LOCAL_AUTH: (EAP:319) Sending the Rxd EAP packet (id 2) to EAP subsys
    *EAP Framework: Jan 18 12:08:22.291: EAP-EVENT: Received event 'EAP_RX_PACKET' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.291: EAP-AUTH-RX-PAK:
    *EAP Framework: Jan 18 12:08:22.291: eap_core.c:1484: Code:RESPONSE  ID:0x 2  Length:0x0042  Type:FAST
    *EAP Framework: Jan 18 12:08:22.291: eap_core.c:1422:     Payload:  810000003816030100330100002F0301 ...
    *EAP Framework: Jan 18 12:08:22.291: EAP-EVENT: Stopping 'Authenticator Retransmit' timer for EAP session handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.291: EAP-AUTH-EVENT: EAP Response received by context 0x78000041
    *EAP Framework: Jan 18 12:08:22.291: EAP-AUTH-EVENT: EAP Response type = Method (43)
    *EAP Framework: Jan 18 12:08:22.291: EAP-AUTH-EVENT: Sending method data for context 0x78000041
    *EAP Framework: Jan 18 12:08:22.292: EAP-EVENT: Sending method directive 'Receive Packet' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.292: eap_fast.c-AUTH-EVENT: Process Response, type: 0x2b
    *EAP Framework: Jan 18 12:08:22.292: eap_fast_auth.c-AUTH-EVENT: Process Response (EAP handle = 0x78000041)
    *EAP Framework: Jan 18 12:08:22.292: eap_fast_auth.c-RX-AUTH-PAK:
    *EAP Framework: Jan 18 12:08:22.292: eap_core.c:1484: Code:RESPONSE  ID:0x 2  Length:0x0042  Type:FAST
    *EAP Framework: Jan 18 12:08:22.292: eap_core.c:1422:     Payload:  810000003816030100330100002F0301 ...
    *EAP Framework: Jan 18 12:08:22.292: eap_fast_auth.c-AUTH-EVENT: Received TLS record type: Handshake in state: Start
    *EAP Framework: Jan 18 12:08:22.292: EAP-EVENT: Sending lower layer event 'EAP_GET_CREDENTIAL_PROFILE_FROM_PROFILE_NAME' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.292: LOCAL_AUTH: Found matching context for id - 319
    *EAP Framework: Jan 18 12:08:22.292: LOCAL_AUTH: (EAP:319) Returning profile '[email protected]' (username '[email protected]')
    *EAP Framework: Jan 18 12:08:22.293: IOS_PKI_SHIM: [StartSession] - New session 0x335ee108 started (TP = 'vendor')
    *EAP Framework: Jan 18 12:08:22.293: IOS_PKI_SHIM: [StartSession] - Trustpoint identity (cert) set to 'Vendor'
    *EAP Framework: Jan 18 12:08:22.297: IOS_PKI_SHIM: [ID-CERT] Subject : C=DE, ST=Thuringia, L=Jena, O=Jenoptik AG, OU=Jenoptik SSC GmbH, CN=Cisco WLC 1st, [email protected]
    *EAP Framework: Jan 18 12:08:22.297: IOS_PKI_SHIM: [ID-CERT] Issuer : DC=corp, DC=jenoptik, CN=Jenoptik WLAN Certificate Authority
    *EAP Framework: Jan 18 12:08:22.297: IOS_PKI_SHIM: [ID-CERT] Valid from '2012 Jan 12th, 17:06:50 GMT' to '2016 Jan 11th, 17:06:50 GMT'
    *EAP Framework: Jan 18 12:08:22.297: IOS_PKI_SHIM: [ID-CERT] Is not a CA cert
    *EAP Framework: Jan 18 12:08:22.297: IOS_PKI_SHIM: Added cert (type 1) to chain (1 present on chain)
    *EAP Framework: Jan 18 12:08:22.300: IOS_PKI_SHIM: [CA-CERT] Subject : DC=corp, DC=jenoptik, CN=Jenoptik WLAN Certificate Authority
    *EAP Framework: Jan 18 12:08:22.301: IOS_PKI_SHIM: [CA-CERT] Issuer : CN=Jenoptik Certificate Authority
    *EAP Framework: Jan 18 12:08:22.301: IOS_PKI_SHIM: [CA-CERT] Valid from '2012 Jan 12th, 16:54:49 GMT' to '2020 Jan 12th, 17:04:49 GMT'
    *EAP Framework: Jan 18 12:08:22.301: IOS_PKI_SHIM: [CA-CERT] Is a CA cert
    *EAP Framework: Jan 18 12:08:22.301: IOS_PKI_SHIM: Added cert (type 2) to chain (2 present on chain)
    *EAP Framework: Jan 18 12:08:22.301: IOS_PKI_SHIM: [StartSession] - Getting older style priv key
    *EAP Framework: Jan 18 12:08:22.338: IOS_PKI_SHIM: Session 0x335ee108 init'd OK
    *EAP Framework: Jan 18 12:08:22.338: eap_fast_auth.c-AUTH-EVENT: Local certificate found
    *EAP Framework: Jan 18 12:08:22.339: eap_fast_auth.c-AUTH-EVENT: Reading Client Hello handshake
    *EAP Framework: Jan 18 12:08:22.339: eap_fast.c:286: EAP-FAST-AUTH-RX-TLS-RECORD:
    *EAP Framework: Jan 18 12:08:22.339: eap_fast.c:255: Content:Handshake  Version:0301  Length:0x0033
    *EAP Framework: Jan 18 12:08:22.339: eap_core.c:1422:     Payload:  0100002F03014F16A8262631FC9DC042 ...
    *EAP Framework: Jan 18 12:08:22.340: eap_fast.c:202: Handshake type:Client Hello  Length:0x002F
    *EAP Framework: Jan 18 12:08:22.340: eap_core.c:1422:     Payload:  03014F16A8262631FC9DC042253D3E24 ...
    *EAP Framework: Jan 18 12:08:22.340: eap_fast_auth.c-AUTH-EVENT: TLS_RSA_WITH_AES_128 proposed...
    *EAP Framework: Jan 18 12:08:22.341: eap_fast_auth.c-AUTH-EVENT: TLS_DHE_RSA_WITH_AES_128_CBC_SHA proposed...
    *EAP Framework: Jan 18 12:08:22.341: eap_fast_auth.c-AUTH-EVENT: TLS_RSA_WITH_RC4_128 proposed...
    *EAP Framework: Jan 18 12:08:22.341: eap_fast_auth.c-AUTH-EVENT: TLS_DH_anon_WITH_AES_128_CBC_SHA proposed...
    *EAP Framework: Jan 18 12:08:22.342: eap_fast.c-EVENT: Proposed ciphersuite(s):
    *EAP Framework: Jan 18 12:08:22.342: eap_fast.c-EVENT:     TLS_RSA_WITH_AES_128_CBC_SHA
    *EAP Framework: Jan 18 12:08:22.342: eap_fast.c-EVENT:     TLS_DHE_RSA_WITH_AES_128_CBC_SHA
    *EAP Framework: Jan 18 12:08:22.342: eap_fast.c-EVENT:     TLS_RSA_WITH_RC4_128_SHA
    *EAP Framework: Jan 18 12:08:22.343: eap_fast.c-EVENT:     TLS_DH_anon_WITH_AES_128_CBC_SHA
    *EAP Framework: Jan 18 12:08:22.343: eap_fast.c-EVENT: Selected ciphersuite:
    *EAP Framework: Jan 18 12:08:22.343: eap_fast.c-EVENT:     TLS_DHE_RSA_WITH_AES_128_CBC_SHA
    *EAP Framework: Jan 18 12:08:22.343: eap_fast_auth.c-AUTH-EVENT: Building Provisioning Server Hello
    *EAP Framework: Jan 18 12:08:22.344: eap_fast.c:286: EAP-FAST-AUTH-TX-TLS-RECORD:
    *EAP Framework: Jan 18 12:08:22.344: eap_fast.c:255: Content:Handshake  Version:0301  Length:0x002A
    *EAP Framework: Jan 18 12:08:22.344: eap_core.c:1422:     Payload:  0200002603015F3325EADF12E6296F91 ...
    *EAP Framework: Jan 18 12:08:22.344: eap_fast.c:202: Handshake type:Server Hello  Length:0x0026
    *EAP Framework: Jan 18 12:08:22.345: eap_core.c:1422:     Payload:  03015F3325EADF12E6296F91530FE67F ...
    *EAP Framework: Jan 18 12:08:22.345: eap_fast.c:286: EAP-FAST-AUTH-TX-TLS-RECORD:
    *EAP Framework: Jan 18 12:08:22.345: eap_fast.c:255: Content:Handshake  Version:0301  Length:0x0B54
    *EAP Framework: Jan 18 12:08:22.346: eap_core.c:1422:     Payload:  0B000B50000B4D00059F3082059B3082 ...
    *EAP Framework: Jan 18 12:08:22.346: eap_fast.c:202: Handshake type:Certificate  Length:0x0B50
    *EAP Framework: Jan 18 12:08:22.346: eap_core.c:1422:     Payload:  000B4D00059F3082059B30820483A003 ...
    *EAP Framework: Jan 18 12:08:22.347: eap_fast_crypto.c-EVENT: Starting Diffie Hellman phase 1 ...
    *EAP Framework: Jan 18 12:08:22.661: eap_fast_crypto.c-EVENT: Diffie Hellman phase 1 complete
    *EAP Framework: Jan 18 12:08:22.677: IOS_PKI_SHIM: PKI_SignMessage PostHashEncrypt ret SUCCESS.. op_len 128
    *EAP Framework: Jan 18 12:08:22.678: eap_fast_auth.c-AUTH-EVENT: DH signature length = 128
    *EAP Framework: Jan 18 12:08:22.678: eap_fast.c:286: EAP-FAST-AUTH-TX-TLS-RECORD:
    *EAP Framework: Jan 18 12:08:22.678: eap_fast.c:255: Content:Handshake  Version:0301  Length:0x028D
    *EAP Framework: Jan 18 12:08:22.679: eap_core.c:1422:     Payload:  0C0002890100FFFFFFFFFFFFFFFFC90F ...
    *EAP Framework: Jan 18 12:08:22.679: eap_fast.c:202: Handshake type:Server Key Exchange  Length:0x0289
    *EAP Framework: Jan 18 12:08:22.679: eap_core.c:1422:     Payload:  0100FFFFFFFFFFFFFFFFC90FDAA22168 ...
    *EAP Framework: Jan 18 12:08:22.679: eap_fast.c:286: EAP-FAST-AUTH-TX-TLS-RECORD:
    *EAP Framework: Jan 18 12:08:22.680: eap_fast.c:255: Content:Handshake  Version:0301  Length:0x000B
    *EAP Framework: Jan 18 12:08:22.680: eap_core.c:1422:     Payload:  0D00000704030401020000
    *EAP Framework: Jan 18 12:08:22.680: eap_fast.c:202: Handshake type:Certificate Request  Length:0x0007
    *EAP Framework: Jan 18 12:08:22.680: eap_core.c:1422:     Payload:  04030401020000
    *EAP Framework: Jan 18 12:08:22.681: eap_fast.c:286: EAP-FAST-AUTH-TX-TLS-RECORD:
    *EAP Framework: Jan 18 12:08:22.681: eap_fast.c:255: Content:Handshake  Version:0301  Length:0x0004
    *EAP Framework: Jan 18 12:08:22.681: eap_core.c:1422:     Payload:  0E000000
    *EAP Framework: Jan 18 12:08:22.681: eap_fast.c:202: Handshake type:Server Done  Length:0x0000
    *EAP Framework: Jan 18 12:08:22.682: eap_fast_auth.c-AUTH-EVENT: Sending Provisioning Serving Hello
    *EAP Framework: Jan 18 12:08:22.682: eap_fast_auth.c-AUTH-SM: Changing state: Start -> Sent provisioning Server Hello
    *EAP Framework: Jan 18 12:08:22.682: eap_fast.c-EVENT: Tx packet fragmentation required
    *EAP Framework: Jan 18 12:08:22.683: eap_fast.c:2367: eap-fast tx packet:
    *EAP Framework: Jan 18 12:08:22.683: eap_fast.c:138: Version: 1  Flags:LM  Length:0x03DE
    *EAP Framework: Jan 18 12:08:22.683: eap_core.c:1422:     Payload:  160301002A0200002603015F3325EADF ...
    *EAP Framework: Jan 18 12:08:22.684: eap_fast.c-TX-AUTH-PAK:
    *EAP Framework: Jan 18 12:08:22.684: eap_core.c:1484: Code:REQUEST  ID:0x 0  Length:0x03e8  Type:FAST
    *EAP Framework: Jan 18 12:08:22.684: eap_core.c:1422:     Payload:  C100000E33160301002A020000260301 ...
    *EAP Framework: Jan 18 12:08:22.684: EAP-AUTH-EVENT: EAP method state: Continue
    *EAP Framework: Jan 18 12:08:22.685: EAP-AUTH-EVENT: EAP method decision: Unknown
    *EAP Framework: Jan 18 12:08:22.685: EAP-AUTH-EVENT: Current method = 43
    *EAP Framework: Jan 18 12:08:22.685: EAP-AUTH-EVENT: Sending packet to lower layer for context 0x78000041
    *EAP Framework: Jan 18 12:08:22.685: EAP-AUTH-TX-PAK:
    *EAP Framework: Jan 18 12:08:22.685: eap_core.c:1484: Code:REQUEST  ID:0x 3  Length:0x03e8  Type:FAST
    *EAP Framework: Jan 18 12:08:22.686: eap_core.c:1422:     Payload:  C100000E33160301002A020000260301 ...
    *EAP Framework: Jan 18 12:08:22.686: EAP-EVENT: Started 'Authenticator Retransmit' timer (60) for EAP session handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.686: EAP-EVENT: Started EAP tick timer
    *EAP Framework: Jan 18 12:08:22.686: EAP-EVENT: Sending lower layer event 'EAP_TX_PACKET' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.686: LOCAL_AUTH: Found matching context for id - 319
    *EAP Framework: Jan 18 12:08:22.687: LOCAL_AUTH: (EAP:319) transmit event
    *EAP Framework: Jan 18 12:08:22.687: AuthorizationResponse: 0x13c713fc
    *EAP Framework: Jan 18 12:08:22.687: structureSize................................1048*EAP Framework: Jan 18 12:08:22.687: resultCode...................................255*EAP Framework: Jan 18 12:08:22.687: protocolUsed.................................0x00000080*EAP Framework: Jan 18 12:08:22.688: proxyState...................................18:3D:A2:0A:EC:BC-02:01*EAP Framework: Jan 18 12:08:22.688: Packet contains 1 AVPs (not shown)*EAP Framework: Jan 18 12:08:22.688: LOCAL_AUTH: AAA LOCAL AUTH EAP PKT AVP attribute 4f length 3e8
    *EAP Framework: Jan 18 12:08:22.688: LOCAL_AUTH: AAA LOCAL AUTH TX PKT DUMP code cc id 00 type 2b
    *aaaQueueReader: Jan 18 12:08:22.700: LOCAL_AUTH: EAP: Received an auth request
    *aaaQueueReader: Jan 18 12:08:22.701: LOCAL_AUTH: Found context matching MAC address - 319
    *aaaQueueReader: Jan 18 12:08:22.701: LOCAL_AUTH: (EAP:319) Sending the Rxd EAP packet (id 3) to EAP subsys
    *EAP Framework: Jan 18 12:08:22.701: EAP-EVENT: Received event 'EAP_RX_PACKET' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.701: EAP-AUTH-RX-PAK:
    *EAP Framework: Jan 18 12:08:22.702: eap_core.c:1484: Code:RESPONSE  ID:0x 3  Length:0x0006  Type:FAST
    *EAP Framework: Jan 18 12:08:22.702: eap_core.c:1422:     Payload:  01
    *EAP Framework: Jan 18 12:08:22.702: EAP-EVENT: Stopping 'Authenticator Retransmit' timer for EAP session handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.703: EAP-AUTH-EVENT: EAP Response received by context 0x78000041
    *EAP Framework: Jan 18 12:08:22.703: EAP-AUTH-EVENT: EAP Response type = Method (43)
    *EAP Framework: Jan 18 12:08:22.703: EAP-AUTH-EVENT: Sending method data for context 0x78000041
    *EAP Framework: Jan 18 12:08:22.704: EAP-EVENT: Sending method directive 'Receive Packet' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.704: eap_fast.c-AUTH-EVENT: eap_fast_rx_packet(): EAP Fast NoData (0x2b)
    *EAP Framework: Jan 18 12:08:22.704: eap_fast.c:2367: eap-fast tx packet:
    *EAP Framework: Jan 18 12:08:22.704: eap_fast.c:138: Version: 1  Flags:M  Length:0x03E2
    *EAP Framework: Jan 18 12:08:22.705: eap_core.c:1422:     Payload:  3A2F2F2F434E3D4A656E6F7074696B25 ...
    *EAP Framework: Jan 18 12:08:22.705: eap_fast.c-TX-AUTH-PAK:
    *EAP Framework: Jan 18 12:08:22.705: eap_core.c:1484: Code:REQUEST  ID:0x 0  Length:0x03e8  Type:FAST
    *EAP Framework: Jan 18 12:08:22.705: eap_core.c:1422:     Payload:  413A2F2F2F434E3D4A656E6F7074696B ...
    *EAP Framework: Jan 18 12:08:22.706: EAP-AUTH-EVENT: EAP method state: Continue
    *EAP Framework: Jan 18 12:08:22.706: EAP-AUTH-EVENT: EAP method decision: Unknown
    *EAP Framework: Jan 18 12:08:22.706: EAP-AUTH-EVENT: Current method = 43
    *EAP Framework: Jan 18 12:08:22.706: EAP-AUTH-EVENT: Sending packet to lower layer for context 0x78000041
    *EAP Framework: Jan 18 12:08:22.707: EAP-AUTH-TX-PAK:
    *EAP Framework: Jan 18 12:08:22.707: eap_core.c:1484: Code:REQUEST  ID:0x 4  Length:0x03e8  Type:FAST
    *EAP Framework: Jan 18 12:08:22.707: eap_core.c:1422:     Payload:  413A2F2F2F434E3D4A656E6F7074696B ...
    *EAP Framework: Jan 18 12:08:22.707: EAP-EVENT: Started 'Authenticator Retransmit' timer (60) for EAP session handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.708: EAP-EVENT: Started EAP tick timer
    *EAP Framework: Jan 18 12:08:22.708: EAP-EVENT: Sending lower layer event 'EAP_TX_PACKET' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.708: LOCAL_AUTH: Found matching context for id - 319
    *EAP Framework: Jan 18 12:08:22.708: LOCAL_AUTH: (EAP:319) transmit event
    *EAP Framework: Jan 18 12:08:22.709: AuthorizationResponse: 0x13c713fc
    *EAP Framework: Jan 18 12:08:22.709: structureSize................................1048*EAP Framework: Jan 18 12:08:22.709: resultCode...................................255*EAP Framework: Jan 18 12:08:22.709: protocolUsed.................................0x00000080*EAP Framework: Jan 18 12:08:22.710: proxyState...................................18:3D:A2:0A:EC:BC-02:02*EAP Framework: Jan 18 12:08:22.710: Packet contains 1 AVPs (not shown)*EAP Framework: Jan 18 12:08:22.710: LOCAL_AUTH: AAA LOCAL AUTH EAP PKT AVP attribute 4f length 3e8
    *EAP Framework: Jan 18 12:08:22.711: LOCAL_AUTH: AAA LOCAL AUTH TX PKT DUMP code cc id 00 type 2b
    *aaaQueueReader: Jan 18 12:08:22.723: LOCAL_AUTH: EAP: Received an auth request
    *aaaQueueReader: Jan 18 12:08:22.723: LOCAL_AUTH: Found context matching MAC address - 319
    *aaaQueueReader: Jan 18 12:08:22.724: LOCAL_AUTH: (EAP:319) Sending the Rxd EAP packet (id 4) to EAP subsys
    *EAP Framework: Jan 18 12:08:22.724: EAP-EVENT: Received event 'EAP_RX_PACKET' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.725: EAP-AUTH-RX-PAK:
    *EAP Framework: Jan 18 12:08:22.725: eap_core.c:1484: Code:RESPONSE  ID:0x 4  Length:0x0006  Type:FAST
    *EAP Framework: Jan 18 12:08:22.725: eap_core.c:1422:     Payload:  01
    *EAP Framework: Jan 18 12:08:22.725: EAP-EVENT: Stopping 'Authenticator Retransmit' timer for EAP session handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.726: EAP-AUTH-EVENT: EAP Response received by context 0x78000041
    *EAP Framework: Jan 18 12:08:22.726: EAP-AUTH-EVENT: EAP Response type = Method (43)
    *EAP Framework: Jan 18 12:08:22.726: EAP-AUTH-EVENT: Sending method data for context 0x78000041
    *EAP Framework: Jan 18 12:08:22.726: EAP-EVENT: Sending method directive 'Receive Packet' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.727: eap_fast.c-AUTH-EVENT: eap_fast_rx_packet(): EAP Fast NoData (0x2b)
    *EAP Framework: Jan 18 12:08:22.727: eap_fast.c:2367: eap-fast tx packet:
    *EAP Framework: Jan 18 12:08:22.727: eap_fast.c:138: Version: 1  Flags:M  Length:0x03E2
    *EAP Framework: Jan 18 12:08:22.728: eap_core.c:1422:     Payload:  BD84CC4BF49A766267DA94429BEBE087 ...
    *EAP Framework: Jan 18 12:08:22.728: eap_fast.c-TX-AUTH-PAK:
    *EAP Framework: Jan 18 12:08:22.728: eap_core.c:1484: Code:REQUEST  ID:0x 0  Length:0x03e8  Type:FAST
    *EAP Framework: Jan 18 12:08:22.728: eap_core.c:1422:     Payload:  41BD84CC4BF49A766267DA94429BEBE0 ...
    *EAP Framework: Jan 18 12:08:22.729: EAP-AUTH-EVENT: EAP method state: Continue
    *EAP Framework: Jan 18 12:08:22.729: EAP-AUTH-EVENT: EAP method decision: Unknown
    *EAP Framework: Jan 18 12:08:22.729: EAP-AUTH-EVENT: Current method = 43
    *EAP Framework: Jan 18 12:08:22.729: EAP-AUTH-EVENT: Sending packet to lower layer for context 0x78000041
    *EAP Framework: Jan 18 12:08:22.730: EAP-AUTH-TX-PAK:
    *EAP Framework: Jan 18 12:08:22.730: eap_core.c:1484: Code:REQUEST  ID:0x 5  Length:0x03e8  Type:FAST
    *EAP Framework: Jan 18 12:08:22.730: eap_core.c:1422:     Payload:  41BD84CC4BF49A766267DA94429BEBE0 ...
    *EAP Framework: Jan 18 12:08:22.731: EAP-EVENT: Started 'Authenticator Retransmit' timer (60) for EAP session handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.731: EAP-EVENT: Started EAP tick timer
    *EAP Framework: Jan 18 12:08:22.731: EAP-EVENT: Sending lower layer event 'EAP_TX_PACKET' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.731: LOCAL_AUTH: Found matching context for id - 319
    *EAP Framework: Jan 18 12:08:22.732: LOCAL_AUTH: (EAP:319) transmit event
    *EAP Framework: Jan 18 12:08:22.732: AuthorizationResponse: 0x13c713fc
    *EAP Framework: Jan 18 12:08:22.732: structureSize................................1048*EAP Framework: Jan 18 12:08:22.732: resultCode...................................255*EAP Framework: Jan 18 12:08:22.733: protocolUsed.................................0x00000080*EAP Framework: Jan 18 12:08:22.733: proxyState...................................18:3D:A2:0A:EC:BC-02:03*EAP Framework: Jan 18 12:08:22.733: Packet contains 1 AVPs (not shown)*EAP Framework: Jan 18 12:08:22.734: LOCAL_AUTH: AAA LOCAL AUTH EAP PKT AVP attribute 4f length 3e8
    *EAP Framework: Jan 18 12:08:22.734: LOCAL_AUTH: AAA LOCAL AUTH TX PKT DUMP code cc id 00 type 2b
    *aaaQueueReader: Jan 18 12:08:22.746: LOCAL_AUTH: EAP: Received an auth request
    *aaaQueueReader: Jan 18 12:08:22.747: LOCAL_AUTH: Found context matching MAC address - 319
    *aaaQueueReader: Jan 18 12:08:22.747: LOCAL_AUTH: (EAP:319) Sending the Rxd EAP packet (id 5) to EAP subsys
    *EAP Framework: Jan 18 12:08:22.747: EAP-EVENT: Received event 'EAP_RX_PACKET' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.747: EAP-AUTH-RX-PAK:
    *EAP Framework: Jan 18 12:08:22.748: eap_core.c:1484: Code:RESPONSE  ID:0x 5  Length:0x0006  Type:FAST
    *EAP Framework: Jan 18 12:08:22.748: eap_core.c:1422:     Payload:  01
    *EAP Framework: Jan 18 12:08:22.748: EAP-EVENT: Stopping 'Authenticator Retransmit' timer for EAP session handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.749: EAP-AUTH-EVENT: EAP Response received by context 0x78000041
    *EAP Framework: Jan 18 12:08:22.749: EAP-AUTH-EVENT: EAP Response type = Method (43)
    *EAP Framework: Jan 18 12:08:22.749: EAP-AUTH-EVENT: Sending method data for context 0x78000041
    *EAP Framework: Jan 18 12:08:22.750: EAP-EVENT: Sending method directive 'Receive Packet' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.750: eap_fast.c-AUTH-EVENT: eap_fast_rx_packet(): EAP Fast NoData (0x2b)
    *EAP Framework: Jan 18 12:08:22.750: eap_fast.c:2367: eap-fast tx packet:
    *EAP Framework: Jan 18 12:08:22.750: eap_fast.c:138: Version: 1  Flags:  Length:0x0291
    *EAP Framework: Jan 18 12:08:22.751: eap_core.c:1422:     Payload:  34C4C6628B80DC1CD129024E088A67CC ...
    *EAP Framework: Jan 18 12:08:22.751: eap_fast.c-TX-AUTH-PAK:
    *EAP Framework: Jan 18 12:08:22.751: eap_core.c:1484: Code:REQUEST  ID:0x 0  Length:0x0297  Type:FAST
    *EAP Framework: Jan 18 12:08:22.751: eap_core.c:1422:     Payload:  0134C4C6628B80DC1CD129024E088A67 ...
    *EAP Framework: Jan 18 12:08:22.751: EAP-AUTH-EVENT: EAP method state: Continue
    *EAP Framework: Jan 18 12:08:22.751: EAP-AUTH-EVENT: EAP method decision: Unknown
    *EAP Framework: Jan 18 12:08:22.752: EAP-AUTH-EVENT: Current method = 43
    *EAP Framework: Jan 18 12:08:22.752: EAP-AUTH-EVENT: Sending packet to lower layer for context 0x78000041
    *EAP Framework: Jan 18 12:08:22.752: EAP-AUTH-TX-PAK:
    *EAP Framework: Jan 18 12:08:22.752: eap_core.c:1484: Code:REQUEST  ID:0x 6  Length:0x0297  Type:FAST
    *EAP Framework: Jan 18 12:08:22.752: eap_core.c:1422:     Payload:  0134C4C6628B80DC1CD129024E088A67 ...
    *EAP Framework: Jan 18 12:08:22.753: EAP-EVENT: Started 'Authenticator Retransmit' timer (60) for EAP session handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.753: EAP-EVENT: Started EAP tick timer
    *EAP Framework: Jan 18 12:08:22.753: EAP-EVENT: Sending lower layer event 'EAP_TX_PACKET' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.753: LOCAL_AUTH: Found matching context for id - 319
    *EAP Framework: Jan 18 12:08:22.753: LOCAL_AUTH: (EAP:319) transmit event
    *EAP Framework: Jan 18 12:08:22.754: AuthorizationResponse: 0x13c713fc
    *EAP Framework: Jan 18 12:08:22.754: structureSize................................711*EAP Framework: Jan 18 12:08:22.754: resultCode...................................255*EAP Framework: Jan 18 12:08:22.754: protocolUsed.................................0x00000080*EAP Framework: Jan 18 12:08:22.754: proxyState...................................18:3D:A2:0A:EC:BC-02:04*EAP Framework: Jan 18 12:08:22.754: Packet contains 1 AVPs (not shown)*EAP Framework: Jan 18 12:08:22.755: LOCAL_AUTH: AAA LOCAL AUTH EAP PKT AVP attribute 4f length 297
    *EAP Framework: Jan 18 12:08:22.755: LOCAL_AUTH: AAA LOCAL AUTH TX PKT DUMP code cc id 00 type 2b
    *aaaQueueReader: Jan 18 12:08:22.830: LOCAL_AUTH: EAP: Received an auth request
    *aaaQueueReader: Jan 18 12:08:22.830: LOCAL_AUTH: Found context matching MAC address - 319
    *aaaQueueReader: Jan 18 12:08:22.830: LOCAL_AUTH: (EAP:319) Sending the Rxd EAP packet (id 6) to EAP subsys
    *EAP Framework: Jan 18 12:08:22.831: EAP-EVENT: Received event 'EAP_RX_PACKET' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.831: EAP-AUTH-RX-PAK:
    *EAP Framework: Jan 18 12:08:22.831: eap_core.c:1484: Code:RESPONSE  ID:0x 6  Length:0x015c  Type:FAST
    *EAP Framework: Jan 18 12:08:22.831: eap_core.c:1422:     Payload:  810000015216030100070B0000030000 ...
    *EAP Framework: Jan 18 12:08:22.831: EAP-EVENT: Stopping 'Authenticator Retransmit' timer for EAP session handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.831: EAP-AUTH-EVENT: EAP Response received by context 0x78000041
    *EAP Framework: Jan 18 12:08:22.832: EAP-AUTH-EVENT: EAP Response type = Method (43)
    *EAP Framework: Jan 18 12:08:22.832: EAP-AUTH-EVENT: Sending method data for context 0x78000041
    *EAP Framework: Jan 18 12:08:22.832: EAP-EVENT: Sending method directive 'Receive Packet' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.832: eap_fast.c-AUTH-EVENT: Process Response, type: 0x2b
    *EAP Framework: Jan 18 12:08:22.832: eap_fast_auth.c-AUTH-EVENT: Process Response (EAP handle = 0x78000041)
    *EAP Framework: Jan 18 12:08:22.832: eap_fast_auth.c-RX-AUTH-PAK:
    *EAP Framework: Jan 18 12:08:22.832: eap_core.c:1484: Code:RESPONSE  ID:0x 6  Length:0x015c  Type:FAST
    *EAP Framework: Jan 18 12:08:22.832: eap_core.c:1422:     Payload:  810000015216030100070B0000030000 ...
    *EAP Framework: Jan 18 12:08:22.832: eap_fast_auth.c-AUTH-EVENT: Received TLS record type: Handshake in state: Sent provisioning Server Hello
    *EAP Framework: Jan 18 12:08:22.832: eap_fast_auth.c-AUTH-EVENT: Reading Client Certificate handshake
    *EAP Framework: Jan 18 12:08:22.832: eap_fast.c:286: EAP-FAST-AUTH-RX-TLS-RECORD:
    *EAP Framework: Jan 18 12:08:22.832: eap_fast.c:255: Content:Handshake  Version:0301  Length:0x0007
    *EAP Framework: Jan 18 12:08:22.832: eap_core.c:1422:     Payload:  0B000003000000
    *EAP Framework: Jan 18 12:08:22.832: eap_fast.c:202: Handshake type:Certificate  Length:0x0003
    *EAP Framework: Jan 18 12:08:22.832: eap_core.c:1422:     Payload:  000000
    *EAP Framework: Jan 18 12:08:22.833: eap_fast.c-EVENT: Client Certificate handshake empty
    *EAP Framework: Jan 18 12:08:22.833: eap_fast_auth.c-AUTH-EVENT: Rx'd I-ID: "EAP-FAST I-ID" from Peer Cert
    *EAP Framework: Jan 18 12:08:22.833: eap_fast_auth.c-AUTH-ERROR: Required cert not provided by client
    *EAP Framework: Jan 18 12:08:22.833: eap_fast.c:286: EAP-FAST-AUTH-TX-TLS-RECORD:
    *EAP Framework: Jan 18 12:08:22.833: eap_fast.c:255: Content:Alert  Version:0301  Length:0x0002
    *EAP Framework: Jan 18 12:08:22.833: eap_core.c:1422:     Payload:  0228
    *EAP Framework: Jan 18 12:08:22.833: eap_fast_auth.c-AUTH-SM: Changing state: Sent provisioning Server Hello -> Alert
    *EAP Framework: Jan 18 12:08:22.833: eap_fast.c:2367: eap-fast tx packet:
    *EAP Framework: Jan 18 12:08:22.833: eap_fast.c:138: Version: 1  Flags:L  Length:0x0007
    *EAP Framework: Jan 18 12:08:22.833: eap_core.c:1422:     Payload:  15030100020228
    *EAP Framework: Jan 18 12:08:22.833: eap_fast.c-TX-AUTH-PAK:
    *EAP Framework: Jan 18 12:08:22.833: eap_core.c:1484: Code:REQUEST  ID:0x 0  Length:0x0011  Type:FAST
    *EAP Framework: Jan 18 12:08:22.833: eap_core.c:1422:     Payload:  810000000715030100020228
    *EAP Framework: Jan 18 12:08:22.833: EAP-AUTH-EVENT: EAP method state: Continue
    *EAP Framework: Jan 18 12:08:22.834: EAP-AUTH-EVENT: EAP method decision: Fail
    *EAP Framework: Jan 18 12:08:22.834: EAP-AUTH-EVENT: Current method = 43
    *EAP Framework: Jan 18 12:08:22.834: EAP-AUTH-EVENT: Sending packet to lower layer for context 0x78000041
    *EAP Framework: Jan 18 12:08:22.834: EAP-AUTH-TX-PAK:
    *EAP Framework: Jan 18 12:08:22.834: eap_core.c:1484: Code:REQUEST  ID:0x 7  Length:0x0011  Type:FAST
    *EAP Framework: Jan 18 12:08:22.834: eap_core.c:1422:     Payload:  810000000715030100020228
    *EAP Framework: Jan 18 12:08:22.834: EAP-EVENT: Started 'Authenticator Retransmit' timer (60) for EAP session handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.834: EAP-EVENT: Started EAP tick timer
    *EAP Framework: Jan 18 12:08:22.834: EAP-EVENT: Sending lower layer event 'EAP_TX_PACKET' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.834: LOCAL_AUTH: Found matching context for id - 319
    *EAP Framework: Jan 18 12:08:22.834: LOCAL_AUTH: (EAP:319) transmit event
    *EAP Framework: Jan 18 12:08:22.834: AuthorizationResponse: 0x13c713fc
    *EAP Framework: Jan 18 12:08:22.834: structureSize................................65*EAP Framework: Jan 18 12:08:22.834: resultCode...................................255*EAP Framework: Jan 18 12:08:22.835: protocolUsed.................................0x00000080*EAP Framework: Jan 18 12:08:22.835: proxyState...................................18:3D:A2:0A:EC:BC-02:05*EAP Framework: Jan 18 12:08:22.835: Packet contains 1 AVPs (not shown)*EAP Framework: Jan 18 12:08:22.835: LOCAL_AUTH: AAA LOCAL AUTH EAP PKT AVP attribute 4f length 11
    *EAP Framework: Jan 18 12:08:22.835: LOCAL_AUTH: AAA LOCAL AUTH TX PKT DUMP code cc id 00 type 2b
    *aaaQueueReader: Jan 18 12:08:22.838: LOCAL_AUTH: EAP: Received an auth request
    *aaaQueueReader: Jan 18 12:08:22.838: LOCAL_AUTH: Found context matching MAC address - 319
    *aaaQueueReader: Jan 18 12:08:22.838: LOCAL_AUTH: (EAP:319) Sending the Rxd EAP packet (id 7) to EAP subsys
    *EAP Framework: Jan 18 12:08:22.838: EAP-EVENT: Received event 'EAP_RX_PACKET' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.839: EAP-AUTH-RX-PAK:
    *EAP Framework: Jan 18 12:08:22.839: eap_core.c:1484: Code:RESPONSE  ID:0x 7  Length:0x0006  Type:FAST
    *EAP Framework: Jan 18 12:08:22.839: eap_core.c:1422:     Payload:  01
    *EAP Framework: Jan 18 12:08:22.839: EAP-EVENT: Stopping 'Authenticator Retransmit' timer for EAP session handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.839: EAP-AUTH-EVENT: EAP Response received by context 0x78000041
    *EAP Framework: Jan 18 12:08:22.839: EAP-AUTH-EVENT: EAP Response type = Method (43)
    *EAP Framework: Jan 18 12:08:22.839: EAP-AUTH-EVENT: Sending method data for context 0x78000041
    *EAP Framework: Jan 18 12:08:22.839: EAP-EVENT: Sending method directive 'Receive Packet' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.839: eap_fast.c-AUTH-EVENT: eap_fast_rx_packet(): EAP Fast NoData (0x2b)
    *EAP Framework: Jan 18 12:08:22.840: eap_fast.c-AUTH-EVENT: Process Response, type: 0x2b
    *EAP Framework: Jan 18 12:08:22.840: eap_fast_auth.c-AUTH-EVENT: Process Response (EAP handle = 0x78000041)
    *EAP Framework: Jan 18 12:08:22.840: eap_fast_auth.c-RX-AUTH-PAK:
    *EAP Framework: Jan 18 12:08:22.840: eap_core.c:1484: Code:RESPONSE  ID:0x 7  Length:0x0006  Type:FAST
    *EAP Framework: Jan 18 12:08:22.840: eap_core.c:1422:     Payload:  01
    *EAP Framework: Jan 18 12:08:22.840: eap_fast_auth.c-AUTH-EVENT: Received ACK from peer
    *EAP Framework: Jan 18 12:08:22.840: EAP-AUTH-EVENT: EAP method state: Done
    *EAP Framework: Jan 18 12:08:22.840: EAP-AUTH-EVENT: EAP method decision: Fail
    *EAP Framework: Jan 18 12:08:22.840: EAP-EVENT: Received get canned status from lower layer (0x78000041)
    *EAP Framework: Jan 18 12:08:22.840: EAP-EVENT: Sending method directive 'Free Context' on handle 0x78000041
    *EAP Framework: Jan 18 12:08:22.840: eap_fast.c-EVENT: Free context (EAP handle = 0x78000041)
    *EAP Framework: Jan 18 12:08:22.840: id_manager.c-AUTH-SM: Entry deleted fine id f700000e - id_delete
    *EAP Framework: Jan 18 12:08:22.840: IOS_PKI_SHIM: Session 0x335ee108 deleted
    *EAP Framework: Jan 18 12:08:2

    Now we found the reason.
    The WLC doesn´t work with the Sub CA respectively with chain certificates for device authentication.
    "Support for Chained Certificate
    In controller versions earlier than 5.1.151.0, web authentication  certificates can be only device certificates and should not contain the  CA roots chained to the device certificate (no chained certificates).
    With controller version 5.1.151.0 and later, the controller allows  for the device certificate to be downloaded as a chained certificate for  web authentication.
    Certificate Levels
    Level 0—Use of only a server certificate on WLC.
    Level 1—Use of server certificate on WLC and a CA root certificate.
    Level 2—Use of server certificate on WLC, one single CA intermediate certificate, and a CA root certificate.
    Level 3—Use of server certificate on WLC, two CA intermediate certificates, and a CA root certificate.
    WLC does not support chained certificates more than 10KB size on the WLC.
    Note: Chained certificates are supported for web authentication only; they are not supported for the management certificate."
    So the WLC can´t decode the peer certificate.

  • Provide steps to send Root CA certificate to the Lync client, getting error" There was a problem verifying certificate from the server"

    Hi,
      I Build an Lync 2013 set up with FEpool, Director pool and Exchange server is integrated. I have windows 8 client machine, with Lync client installed. When I try to login to the lync client, I am getting error like"There was a problem verifying
    certificate from the server".
    When I installed ROOT CA cert  manually on client machine I am able to login to the lync client. similarly if I add my client machine in my domain, I am able to login to the Lync client.
    Now is there any other way to send the certificate automatically to the client machine (Which are NOT part of the DOMAIN) from the server, instead of manual installation process.
    Please help me troubleshoot this problem

    Agree with S Guna, there is no easy way to push a certificate automatically to a client that you don't control other than building an installer package and asking them to run it.  In this situation, if there are a lot of non-domain joined machines
    a third party certificate is the way you need to go.
    Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
    SWC Unified Communications

  • Problem in certificate installation

    Hello friends,
    I have created an application in j2me . I have also created a certificate for that. I am using Nokia 2860 cdma mobile. When i install this certificate on emulator it works fine with my application. But when i am trying to install it on mobile with application it will give me an error saying invalid file format . Anybody having the idea of that .
    Please help me out this problem. I have searched on the net about the specification of the mobiles but i am not able to find any thing about the certificate.

    hi,
    I have tried again to install certificate but when i copy the certificate in mobile i.e nokia 2865 it is not able to install. It is giving me an error saying file format in invalid. And i have tried the same certificate on n70 it works fine. So can you tell me what the problem is?
    Thanks ,
    Anup

  • Error installing certificate with Cisco 5508 7.4.110

    hi All,
    I am getting Error while installing the web certificate on a WLC.
    (Cisco Controller) >transfer download start
    Mode............................................. TFTP
    Data Type........................................ Site Cert
    TFTP Server IP................................... 10.225.5.11
    TFTP Packet Timeout.............................. 6
    TFTP Max Retries................................. 10
    TFTP Path........................................ ./
    TFTP Filename.................................... final-cert.pem
    This may take some time.
    Are you sure you want to start? (y/N) y
    TFTP Webauth cert transfer starting.
    TFTP receive complete... Installing Certificate.
    Error installing certificate.
    the Copy works fine but for some reason installation doesnt complete. I am having issues even with GUI mode.
    Please let me know what is should do.

    What I mean is that you can't take another customers certificate and load it onto another customers WLC.  The certificate is assigned to a FQDN (Fully Qualified Domain Name)  whcih will be a DNS entry for the customer who it was registered to, so you can't and shouldn't use it for any other client.  You need to generate one certificate per client.
    Thanks,
    Scott
    Help out other by using the rating system and marking answered questions as "Answered"

  • How to install certificate for B1if

    Dear Experts,
    I would like to know how do I install certificate for the B1if because the B1if currently behind a ISA server and when the B1if has any problem with the SSL the ISA server block the transfer and the mobile application doesn't work.
    Thank you in advance.
    Nghia

    Hi,
    you have to use the tomcat keytool C:\...\SAP Business One Integration\sapjre_6_64\jre\bin
    (http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html)

  • Cannot install certificate, Cannot install certificate

    Hello
    I have a 13 inch Macbook Pro with Mac OSX 10.8.1 ML.
    My problem is about installing custom certificates.
    I was trying to install custom certificates (the type where you download and double click to install) and nothing responded. I tried another certificate and that worked, but only this one refused to work.
    Can anyone help?
    thanks

    (off topic) please stop posting new threads with the title given twice - as in "Cannot install certificate, Cannot install certificate"
    Once will do.
    TIA.

  • Safari ignores installed certificates?

    Hello
    I'm a support technician working at AO Foundation in Switzerland, a non-profit organization researching bone fracture healing methods. Recently, we opened a surgery reference area of our website which requires the user to download and install security certificates for access. I've been having trouble with security certificates under Safari, having gone thru the following these steps:
    1) goto www.aofoundation.org/subscribe/
    2) Complete the subscription process
    3) Using the username & password received in the emails, go to www.aofoundation.org/downloadcenter and download a security certificate
    4) Install downloaded certificate to the keychain by double-clicking it.
    5) goto www.aofoundation.org/surgery/ and click the blue "Enter AO Surgery" button
    6) Because you've already installed the certificate, click the blue "Go!" button
    Theoretically, that's all that's needed to make the certificate work, right?
    Under Firefox, I have to import it to FFox's own, internal certificate store, and then I can enter the surgery reference without any problems. But I seem to be missing something in Safari? Why does Safari ignore the installed certificates?
    Keychain mentions the certificate is from an untrusted source, and yet even setting it to "Always trust", Safari still ignores it. Or rather, it doesn't even let me select any security certificate, I just get rerouted to the "You have no certificate installed" web page.
    Help?

    Problem still exist as of today...I updated my Safari 5.1 on Friday (7/22/11) and I'm also having this problem with no help on fixing it....

Maybe you are looking for