Most of our FortiAP-423E (>10 pcs) are not reachable over HTTPS anymore (SSH works fine). The AP responds with "internal error".
Transport Layer Security
    TLSv1.2 Record Layer: Handshake Protocol: Server Hello
    TLSv1.2 Record Layer: Handshake Protocol: Certificate
    TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Internal Error)
        Content Type: Alert (21)
        Version: TLS 1.2 (0x0303)
        Length: 2
        Alert Message
            Level: Fatal (2)
            Description: Internal Error (80)
When I try to fetch the certificate from the AP, the AP doesn't offer any ciphers (full output attached):
---
New, (NONE), Cipher is (NONE)
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1608465143
    Timeout   : 7200 (sec)
    Verify return code: 21 (unable to verify the first certificate)
    Extended master secret: no
---
Model and Firmware: FortiAP-423E v6.2,build0290,200513 (GA)
Can anyone help with this problem? Is there a way to recreate the AP-Certificate?