THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.
Revision | Publish Date | Comments |
---|---|---|
1.0 |
07-Nov-19 |
Initial Release |
Affected OS Type | Affected Software Product | Affected Release | Affected Release Number | Comments |
---|---|---|---|---|
NON-IOS |
Security Manager (CSM) Software |
4.7 |
4.7, 4.7sp1, 4.7sp2, 4.7SP3, 4.7SP4 |
|
NON-IOS |
Security Manager (CSM) Software |
4.8 |
4.8, 4.8 SP2, 4.8sp1 |
|
NON-IOS |
Security Manager (CSM) Software |
4.9 |
4.9 |
|
NON-IOS |
Security Manager (CSM) Software |
4.10 |
4.10, 4.10 SP1, 4.10 SP2 |
|
NON-IOS |
Security Manager (CSM) Software |
4.11 |
4.11, 4.11 SP1, 4.11 SP2 |
|
NON-IOS |
Security Manager (CSM) Software |
4.12 |
4.12 SP1, 4.12 SP2 |
|
NON-IOS |
Security Manager (CSM) Software |
4.13 |
4.13 SP1 |
|
NON-IOS |
Security Manager (CSM) Software |
4.14 |
4.14 SP1, 4.14 SP2 |
|
NON-IOS |
Security Manager (CSM) Software |
4.15 |
4.15 |
|
NON-IOS |
Security Manager (CSM) Software |
0 |
4.16 |
|
NON-IOS |
Security Manager (CSM) Software |
4.17 |
4.17 SP1 |
|
NON-IOS |
Security Manager (CSM) Software |
4.X |
4.18 |
|
NON-IOS |
Security Manager (CSM) Software |
4.19 |
4.19 SP1 |
Defect ID | Headline |
---|---|
CSCvf34445 | There were no defects filed with this field notice at the time of publication. |
A certificate change for api.cisco.com might prevent the Cisco Security Manager (CSM) application from downloading software images from cisco.com.
The certificate change also affects the ability of CSM to obtain GeoIP and IPS signature downloads.
The certificate used to establish trust for api.cisco.com was renewed on October 11, 2019. As a result, the Image Manager in CSM might be unable to download software images from cisco.com until you import the new certificate for api.cisco.com.
Reference the CSM Configuration Guide for more information about how certificates are handled within CSM.
If the CSM application is unable to communicate with api.cisco.com due to the certificate change:
The Image Manager displays the error "Update failed. Last updated at ..." when it tries to update the software image list, as shown below.
Attempts to download an image from cisco.com show the error "Failed with Exception" in the Downloads window, as shown below.
Customers should use the following procedure to import the new certificate and enable software image downloads from cisco.com.
First, update the certificate store entry for api.cisco.com with the new certificate:
In CSM, choose Tools > Security Manager Administration and then select CCO Settings from the table of contents.
In the Certificates table, select the api.cisco.com certificate and click Remove.
Update the api.cisco.com certificate:
In the Certificate section, select Other.
Enter "https://api.cisco.com" in the text field.
Click Retrieve Certificate.
The Certificate Verification dialog box displays.
In the Certificate Verification dialog box, click Accept.
The certificate is now updated.
After the certificate is updated, follow this procedure to download images:
Launch Image Manager.
From Image Manager, click the Check for Updates button in the top right corner of the screen
After you click the Check for Updates button, the software images are downloaded from cisco.com and the image list summary updates.
If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:
My Notifications—Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.
Unleash the Power of TAC's Virtual Assistance