Troubleshooting Tip: Switch-controller 'msg="error:0A000416:SSL routines::ssl/tls alert certificate unknown --"' observed after the upgrade to v7.4

Adolfo_Z_H · ‎05-15-2024

This article describes that on the FortiGate switch controller section, log entries with msg="error:0A000416:SSL routines::ssl/tls alert certificate unknown -- " can be observed after the upgrade to v7.4.2.

Scope

FortiGate wireless controller for all versions and platforms, FortiSwtich v7.4.2.

Solution

After updating any FortiSwitch to v7.4.2, this kind of message starts to be observed on FortiGate switch controller logs referred to those units:

1: 2024-05-15 17:22:57 log_id=0103033601 tz=-0500 type=event subtype=system pri=notice vd=root sn=XXXXXXXXXXXX ui="https" msg="error:0A000416:SSL routines::ssl/tls alert certificate unknown -- "

Users may Ignore this kind of message, there are certificate issues between FortiGate and FortiSwitch and they are legitimate messages after an API request to FortiSwitch or while accessing FortiSwitch web GUI.

it is confirmed there is no risk to network performance or loss of features due to this issue. However, if the user is annoyed about it, a log filter could be possible.

For off box, raise the filter log level:

config log syslogd filter
set severity warning
end

For local logs, filter

execute log filter field pri emergency alert critical error warning
execute log display

Troubleshooting Tip: Switch-controller 'msg="error:0A000416:SSL routines::ssl/tls alert certificate unknown --"' observed after the upgrade to v7.4

You are leaving our website