[cisco-voip] ITL and TVS question - CUCM 8.5.1.14048-1 and Secure URLs not working (corp dir, etc)

Erick B. erickbee at gmail.com
Thu Jan 5 10:26:49 EST 2012


Hi,

Question on regenerating TVS certificate, client upgraded from 6.x to
8.5.1.14048-1 and ever since the corp directory is not working on
phones that use secure URLs (7911, 7975, etc). I set it to a
non-secure URL and restarted TVS service like in a cisco article I
found and the corporate directory still saids host not found when they
try to use it. Same problem for services url.

The phones have no ITL file installed on them and no trust list right
now either. I set up a IP communicator and the corp directory worked
on that, it was using the non-secure URL even though I had secure
directories URL configured.


I found another cisco document on this with another step that states
to do a 'show itl' on the server and if the verification fails to
regenerate the TVS certificate. The 'show itl' shows verification
failed, and I've read over the Security By Default document on the
support site and I think I am safe by just regenerating the TVS
certificate and resetting the phones but I wanted to ask here as I
haven't dealt with this yet really and my past run ins with security
and certificates on the phones were not all that pleasant. I do have a
TAC case on this also but the person doesn't seem to know what to do
with this ITL not verifying issue and currently wants me to downgrade
from 9.2 firmware to 8.5.4 to fix the corp directory issue.

 Any other things I can try? I'm going to try to find a better TAC
resource in meantime.

Erick


More information about the cisco-voip mailing list