Which Cisco WLC debug command would allow you to determine if the certificate process is failing in the CAPWAP messages?
A. debug capwap events enable
B. debug capwap packet enable
C. debug capwap errors enable
D. debug cert events enable
E. debug pm pki enable
E is correct because…
Pay attention on the question… “would allow you to DETERMINE if the certificate process is failing”…
debug pm pki enable = Details on certificate validation.
https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/112064-wlc-commands.html
E or C???
1. According the link below, both C and E makes sense.
Problem 4: There is a certificate or public key corruption on the AP
The LAP does not join a controller because of a certificate issue.
Issue the debug capwap errors enable and debug pm pki enable commands. You see messages that indicate the certificates or keys that are corrupted.
https://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/119286-lap-notjoin-wlc-tshoot.html
2. According to Cisco official curriculum I vote for E “debug pm pki enable” – show certification validation process