Community discussions

MikroTik App
 
arfoll
newbie
Topic Author
Posts: 28
Joined: Mon Sep 24, 2012 8:24 pm

Audience SSL error when joining capsman (works with CAP ACs)

Sat Jan 15, 2022 9:05 pm

I'm trying to add an audience device into an existing capsman network. I have 3 CAP ACs all on 7.1.1 and this one audience. I do the usual setup and configure it to join 192.168.88.1 as capsman with certificate request on auto. And it fails misreably:
CAP connect to hydrogen (2C:C8:1B:FF:8F:5E/12/0) failed: ssl: fatal alert received (6)
As soon as I stop capsman forcing requests the audience device joins correctly.

I was seeing such issues with a previous 7rc on the CAP ACs but I've reset capsman a few times and the audience is the only device that seems to have this limitation.

Another weird thing is the capnam seems invalid, I wonder if this is why it fails to create a cert as the name contains an invalid char?
[brendan@hydrogen] /caps-man> remote-cap/print 
Columns: ADDRESS, NAME, STATE, RADIOS
#  ADDRESS                  NAME                 STATE  RADIOS
0  48:8F:5A:C8:XX:XX/11573  [48:8F:5A:C8:XX:XX]  Run         3
1  2C:C8:1B:9F:XX:XX/58077  CAP-2CC81B9XXXX     Run         2
2  74:4D:28:C2:XX:XX/29735  CAP-744D28C2XXXX     Run         2
Any ideas?
 
RaynoP
newbie
Posts: 34
Joined: Thu Jun 30, 2011 10:59 am

Re: Audience SSL error when joining capsman (works with CAP ACs)

Tue Apr 26, 2022 1:45 pm

I added some APs to my network and got the same error - CAP AC2 devices on ROS 7.2.1 and CAPsMAN on ROS 6.49.2. I do not know if this is related or if it will work, but maybe it does...

On my main RB controlling my APs I had to switch off the "Require Peer Certificate" setting and the request the cert on the AP, once the Cert then displayed in the AP config I could go back and re-enable this setting.

In my experience the sequence that you 1) enable CAP management, 2) request a new Cert and 3) lock it to the CAPsMAN was very unforgiving. Once you have the recipe down it always works.

Who is online

Users browsing this forum: No registered users and 19 guests