Tuesday, September 1, 2015

Control-Plane-Security: CPSec

Step 1. Auto Cert Provisioning is off by default, so turn it on.
Step 2. Succeeded after a reboot.

(Aruba7210-1) (Control Plane Security Profile) # show control-plane-security

Control Plane Security Profile
------------------------------
Parameter                    Value
---------                    -----
Control Plane Security       Enabled
Auto Cert Provisioning       Disabled
Auto Cert Allow All          Enabled
Auto Cert Allowed Addresses  N/A

(Aruba7210-1) (Control Plane Security Profile) #auto-cert-?
auto-cert-allow-all     When enabled, automatic certificate provisioning is
                        allowed on all APs. When disabled, only APs whose IP
                        addresses are in the ranges specified by
                        auto-cert-allowed-addrs are allowed.
auto-cert-allowed-add.. Range of AP IP addresses allowed for automatic
                        certificate provisioning. Multiple ranges may be
                        specified.
auto-cert-prov          Enable or disable automatic provisioning of
                        certificates on legacy APs

(Aruba7210-1) (Control Plane Security Profile) #auto-cert-prov ?
<cr>

(Aruba7210-1) (Control Plane Security Profile) #auto-cert-prov
(Aruba7210-1) (Control Plane Security Profile) #show control-plane-security

Control Plane Security Profile
------------------------------
Parameter                    Value
---------                    -----
Control Plane Security       Enabled
Auto Cert Provisioning       Enabled
Auto Cert Allow All          Enabled
Auto Cert Allowed Addresses  N/A



(Aruba7210-1) #show ap database

AP Database
-----------
Name      Group  AP Type  IP Address   Status             Flags  Switch IP       Standby IP
----      -----  -------  ----------   ------             -----  ---------       ----------
93H       TK-BP  93H      4.4.4.0      Up 12d:21h:36m:8s  RI     10.215.107.128  0.0.0.0
AP-205-1  TK-BP  205      10.215.1.96  Up 1m:48s          2      10.215.107.128  0.0.0.0
RAP-1     TK-BP  105      4.4.4.1      Down               R      10.215.107.128  0.0.0.0

Flags: U = Unprovisioned; N = Duplicate name; G = No such group; L = Unlicensed
       I = Inactive; D = Dirty or no config; E = Regulatory Domain Mismatch
       X = Maintenance Mode; P = PPPoE AP; B = Built-in AP; s = LACP striping
       R = Remote AP; R- = Remote AP requires Auth; C = Cellular RAP;
       c = CERT-based RAP; 1 = 802.1x authenticated AP; 2 = Using IKE version 2
       u = Custom-Cert RAP; S = Standby-mode AP; J = USB cert at AP
       i = Indoor; o = Outdoor
       M = Mesh node; Y = Mesh Recovery
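
The `show control-plane-security` table above can be checked by a script. The following is an added example, not part of the original post: a Python parser for that table which reports when automatic certificate provisioning is left open to all APs, the state described by the `auto-cert-allow-all` help text. The function names and finding messages are assumptions made for illustration.

```python
import re

# Constructed sample: the second `show control-plane-security` output on this page.
SAMPLE = """\
Control Plane Security Profile
------------------------------
Parameter                    Value
---------                    -----
Control Plane Security       Enabled
Auto Cert Provisioning       Enabled
Auto Cert Allow All          Enabled
Auto Cert Allowed Addresses  N/A
"""

def parse_profile(text):
    """Return {parameter: value} from the first two-column table in the output."""
    params, in_table = {}, False
    for line in text.splitlines():
        if re.match(r"^-+\s+-+\s*$", line):   # the '---------  -----' rule under the header row
            in_table = True
            continue
        if not in_table:
            continue
        if not line.strip():                  # a blank line ends the table
            break
        parts = re.split(r"\s{2,}", line.strip(), maxsplit=1)  # columns: 2+ spaces apart
        if len(parts) == 2:
            params[parts[0]] = parts[1]
    return params

def audit(params):
    """Return a list of findings (hypothetical wording) for a parsed profile."""
    findings = []
    if params.get("Control Plane Security") != "Enabled":
        findings.append("Control Plane Security is not Enabled")
    if params.get("Auto Cert Provisioning") == "Enabled":
        if params.get("Auto Cert Allow All") == "Enabled":
            findings.append("auto-cert-prov is on and auto-cert-allow-all is on: "
                            "provisioning is allowed on all APs, not limited to a range")
        elif params.get("Auto Cert Allowed Addresses") in (None, "N/A"):
            findings.append("auto-cert-allow-all is off but no allowed address range is set")
    return findings

if __name__ == "__main__":
    for finding in audit(parse_profile(SAMPLE)):
        print("FINDING:", finding)
```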