Technical Tip: FortiAPs not coming online after upgrading to FortiOS 7.0

Description
The 3DES and SHA1 ciphers have been removed from the strong cipher list in FortiOS v7.0.0.
This is preventing some FortiAP and older FortiAP images using weaker ciphers from connecting to the FortiGate.

This article describes how to fix this issue.

Scope
FortiGate

Solution
To workaround this issue, it is required to enter the following commands on the FortiGate:

# config system global
    set ssl-static-key-ciphers enable
    set strong-crypto disable
end

Note.
Once the configuration change has been made it is required to restart the acd demon.

# execute wireless-controller restart-acd