• State
  • Locked Locked
  • Replies 3 replies
  • Subscribers 41 subscribers
  • Views 317 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

CC3100: Rejecting Certificate.. After First Trusting the Certificate.. Power Cycle Corrects/Fixes it..

Newman
Expert 6005 points
Part Number: CC3100

Hi Team WiFi,

I have the following customer issue/question..

“I was wondering if you could provide any insight into an issue with a CC3100.

They have an 802.1X network with PEAP0 MSCHAPv2 and seemingly at random, a client (us) will start rejecting their loaded root CA cert and drop from the network.

If they power cycle our side, it’ll connect back up happily.

According to their IT they’ve seen where we initially trust the cert, connect and authenticate, but after a while it starts rejecting it and only a power cycle can get it to recover. They’ve also seen where the client on and off trusts and rejects the cert without a power cycle.

Same symptoms across multiple boards.

From what I can tell, the CC3100 is not locking up, but also not sending a “disconnected” callback to the host processor.

They sent the screenshots below of the AP side errors they’re getting and, after some googling, does seem to be a client side error. They have other plants up and running without this issue, so I’m not ruling out a network config issue, but I was wondering if you’ve heard of anything similar happening elsewhere or have any insight into what might be happening?

74-e1-82-3a-c4-9e : starts rejecting cert

F4-84-4c-3d-99-37 : client rejecting connection

F4-84-4c-65-26-00 : client rejecting cert”

Thanks, Merril

  • 0
    TI__Mastermind 30790 points

    This is strange behavior indeed. Off the top of my head, I can't think of any specific network configuration that could cause these devices to start failing their connection based on rejecting the certificate presented by the Radius server.

    It sounds as if some other error has occurred on the device and after it happens, the system is unable to reconnect until getting power cycled.

    Can we get more details on the device-side setup? What servicepack version is being used?

    I know this may be difficult since it sounds like this is happening only at an end-user's site, but is there any way to collect a sniffer capture of the scenario or network processor logs from a device exhibiting this issue?

    Best Regards,

    Ben M

  • 0 in reply to Benjamin Moore
    TI__Intellectual 2615 points

    Hi Ben -

    Thanks for the feedback - I'm going to jump in and comment on the below. 

    NWP Version 2.7.0.0

    MAC Version 1.4.0.1

    PHY Version 1.0.3.34

    We have requested a wireshark trace of the wireless data, but don’t have one yet

    NWP logs will likely not be possible unfortunately

    Please let us know your thoughts based on the above. 

    Thanks. 

  • 0 in reply to Dan Cristy
    TI__Mastermind 30790 points

    Hi Dan,

    A wireshark trace will definitely help if they can capture all the authentication messages. Please keep me posted on the progress there.

    The customer should also try testing with an updated servicepack version (2.12.2.8 here: https://www.ti.com/tool/download/CC3100SDK) to verify they see the same behavior with the latest firmware.

    Best Regards,

    Ben M