Most of our FortiAP-423E (>10 pcs) are not reachable over HTTPS anymore (SSH works fine). The AP responds with "internal error".
Transport Layer Security
    TLSv1.2 Record Layer: Handshake Protocol: Server Hello
    TLSv1.2 Record Layer: Handshake Protocol: Certificate
    TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Internal Error)
        Content Type: Alert (21)
        Version: TLS 1.2 (0x0303)
        Length: 2
        Alert Message
            Level: Fatal (2)
            Description: Internal Error (80)
When I try to fetch the certificate from the AP, the AP doesn't offer any ciphers (full output attached):
---
New, (NONE), Cipher is (NONE)
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1608465143
    Timeout   : 7200 (sec)
    Verify return code: 21 (unable to verify the first certificate)
    Extended master secret: no
---
Model and Firmware: FortiAP-423E v6.2,build0290,200513 (GA)
Can anyone help with this problem? Is there a way to recreate the AP-Certificate?