No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>


To have a better experience, please upgrade your IE browser.


SNS2224 Switch Status Marginal

Publication Date:  2017-08-22 Views:  660 Downloads:  0
Issue Description

Fault symptom: MARGINAL Status after Fabric OS upgrade




Handling Process

1. Trying to deactivate MAPS policy and the monitoring for Switch. This brought no results since MAPS wasn't licensed and a constant error message regarding the license for MAPS appeared while trying to execute MAPS commands.

2. Find a way to create Self-Signed Certificates, this worked perfectly. After searching on official Brocade website finding the command brought the success.




Root Cause

After Customer upgraded the FabricOS to 8.1.0b, Switch went in MARGINAL status due to expired Certs. Since OS higher than 7.4 MAPS was implicitly active even though no license  was purchased this situation didn’t permit any MAPS commands in order to ignore these monitoring for certificates while trying customer got error message that the operation cannot be performed due to missing MAPS license.

The Monitoring and Alerting Policy Suite (MAPS) is a storage area network (SAN) health monitor supported on all switches running Fabric OS 7.2.0 or later. Monitoring SAN switches enables early fault detection and isolation as well as permitting performance measurements. This allows each MAPS-enabled switch to constantly monitor itself for potential faults and automatically
alert you to problems before they become costly failures.

MAPS is implicitly activated when you install Fabric OS 7.4.0 or a later release; however, doing so without a license provides reduced functionality.. When you upgrade to Fabric OS 7.4.0 or a later version, MAPS starts monitoring the switch as soon as the switch is active.

Error message: Marginal Status, Switch Status is MARGINAL. Contributors:*EXPIRED_CERTS (MARGINAL)


Solution: There is a command line to create Self-SignedCertificates
seccertutil generate -https  -keysize <1024|2048|4096|8192> -type<rsa|dsa> -hash <sha1|sha256|sha512> -years <x >[-nowarn]