BugZero | Cisco BugID CSCwi19443 - Crash after failed CRL fetch for the DNAC-CA trust...

Cisco - Defect ID: CSCwi19443

Crash after failed CRL fetch for the DNAC-CA trustpoint

Cisco - Defect ID: CSCwi19443

Crash after failed CRL fetch for the DNAC-CA trustpoint

Last updated on November 21st, 2025

BugZero Risk Score
7.4 High

Overall: 7.4

Severity: 8.2

Lifecycle: 4.6

Popularity: 5.1

What is the BugZero Risk Score?

Cisco Integration

Learn more about where this data comes from

Cisco Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Bug Details

Views: 12

Description

Symptom

A switch may crash with a last reload reason of "Critical software exception" after a failed CRL fetch for the DNAC-CA trustpoint. Console output may reveal this to be a segmentation fault in the "Crypto PKI-CRL" process.

Conditions

Performing a CRL fetch for the DNAC-CA trustpoint.

Workaround

Consider modifying the revocation check of the DNAC-CA trustpoint configuration to "revocation-check none". This should be done at the DNAC under trustpoint configuration.

Further Problem Description

This issue is still under investigation.

Change history

2025-11-21 Added: 17.9.3, 17.9.4

Top Cisco Defects

No bugs this month

Ready to prevent the next vendor outage?

Get a demo

Cisco - Defect ID: CSCwi19443

Crash after failed CRL fetch for the DNAC-CA trustpoint

Cisco - Defect ID: CSCwi19443

Crash after failed CRL fetch for the DNAC-CA trustpoint

Last updated on November 21st, 2025

BugZero Risk Score7.4 High

Bug Details

Symptom

Conditions

Workaround

Further Problem Description

Links

Top Cisco Defects

Ready to prevent the next vendor outage?

BugZero Risk Score
7.4 High