%HTTPS: http ssl get context fail – Cisco AP


Not too long ago I was having some issues with a couple of autonomous Cisco access points. The wireless networks were working, SSH was working, and even the standard HTTP server was working, but HTTPS would not. I was greeted with “Page cannot be displayed” every time I tried to load it. The exact error looked like this in my syslog:

%HTTPS: http ssl get context fail (-41104)
HTTP: ssl get context failed (-40407)

The first thing I did was check the secure server status:

AP# show ip http server secure status
HTTP secure server status: Enabled
HTTP secure server port: 443
HTTP secure server ciphersuite: rc4-128-md5 rc4-128-sha
HTTP secure server client authentication: Disabled
HTTP secure server trustpoint: CA-trust-local

That showed me that the server was up and running the way I wanted it to be. The problem comes down to the crypto keys. I had one created already that for whatever reason was not working. My understanding is that moving these between APs, such as when you are replacing one, can cause issues, but the fix is easy: just re-create the keys and try again. In my case, it worked immediately on one AP, and on the other I had to do it after a fresh reboot of the AP:

AP(config)#crypto key zeroize rsa
AP(config)#crypto key generate rsa
How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys ...[OK]

Once completed, the web interface loaded just fine and looked as it should:

[Image: Cisco Aironet Web Interface (www.cisco.com)]
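As an added example (not part of the original post), this Python audit parses the status output, syslog lines and key-generation line quoted above, extracts the context-failure codes, and flags the RC4/MD5 ciphersuites and the 1024-bit modulus. The weak-token list and the 2048-bit minimum are policy choices assumed for this example, and the function names are hypothetical.

```python
import re

# Sample text copied from the post above.
STATUS = """\
HTTP secure server status: Enabled
HTTP secure server port: 443
HTTP secure server ciphersuite: rc4-128-md5 rc4-128-sha
HTTP secure server client authentication: Disabled
HTTP secure server trustpoint: CA-trust-local
"""
SYSLOG = """\
%HTTPS: http ssl get context fail (-41104)
HTTP: ssl get context failed (-40407)
"""
KEYGEN = "% Generating 1024 bit RSA keys ...[OK]"

# Assumed policy for this example: tokens marking a weak suite, minimum RSA size.
WEAK_TOKENS = ("rc4", "md5", "des", "3des")
MIN_RSA_BITS = 2048

def parse_status(text):
    """Map each 'HTTP secure server <field>: <value>' line to field -> value."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"\s*HTTP secure server ([^:]+):\s*(.*)$", line)
        if m:
            fields[m.group(1).strip().lower()] = m.group(2).strip()
    return fields

def context_failures(log):
    """Return the numeric codes from 'ssl get context fail(ed)' syslog lines."""
    return [int(c) for c in re.findall(r"ssl get context fail(?:ed)? \((-?\d+)\)", log)]

def audit(status_text, keygen_line=""):
    """Return a list of findings for the HTTPS server settings and key size."""
    f = parse_status(status_text)
    findings = []
    if f.get("status", "").lower() != "enabled":
        findings.append("HTTPS server not enabled")
    for suite in f.get("ciphersuite", "").split():
        bad = [t for t in WEAK_TOKENS if t in suite.lower().split("-")]
        if bad:
            findings.append(f"weak ciphersuite {suite}: {'/'.join(bad)}")
    m = re.search(r"Generating (\d+) bit RSA keys", keygen_line)
    if m and int(m.group(1)) < MIN_RSA_BITS:
        findings.append(f"RSA modulus {m.group(1)} bits is below {MIN_RSA_BITS}")
    return findings

if __name__ == "__main__":
    print(context_failures(SYSLOG), *audit(STATUS, KEYGEN), sep="\n")
```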
