[cisco-voip] 7945 Corporate Directory > host not found
Brian Meade
bmeade90 at vt.edu
Tue May 6 16:56:57 EDT 2014
That's because setting the rollback parameter isn't really disabling
Security By Default. All it does is generates a blank ITL file on each
node. It's really only supposed to be used for right before you move
phones back to a 7.x cluster. It was never meant to be any sort of
long-term solution.
On Tue, May 6, 2014 at 4:54 PM, Jason Aarons (AM) <
jason.aarons at dimensiondata.com> wrote:
> I’m just thinking if Security By Default is turned off with that
> Enterprise Parameter, why isn’t the phone honoring it? Is this a bug id?
>
>
>
> *From:* bmeade90 at gmail.com [mailto:bmeade90 at gmail.com] *On Behalf Of *Brian
> Meade
> *Sent:* Tuesday, May 06, 2014 4:32 PM
> *To:* Jason Aarons (AM)
> *Cc:* cisco-voip (cisco-voip at puck.nether.net)
> *Subject:* Re: [cisco-voip] 7945 Corporate Directory > host not found
>
>
>
>
>
> The phones now use a different method for reaching out to corporate
> directory now that Services Provisioning is set to Internal by default.
> You can try changing the Services Provisioning to External under
> Enterprise Parameters and then change the Corporate Directory IP Phone
> Service to point towards the actual Corporate Directory URL.
>
>
>
> Brian
>
>
>
> On Tue, May 6, 2014 at 4:22 PM, Jason Aarons (AM) <
> jason.aarons at dimensiondata.com> wrote:
>
> CUCM 9.1.2SU1 I built a new cluster/DRS restored, etc, then modified the
> Enterprise Parameters “ Prepare Cluster for *Rollback* to pre-8.0” set to
> True before added any phones and rebooted cluster. In short, I disabled
> Security By Default. Also under Enterprise Parameters I removed all entries
> under “Secured Phone URL Parameters”. We’ve also rebooted the cluster
> twice since doing this in January, then swapped our 7x cluster to the new
> 9.1.2SU1 cluster last week. No problems, and we could go back to our 7x
> cluster if we needed to back out.
>
>
>
> I’ve left SBD disabled, however on the 7970s/7945s when I go into
> Directories > Corporate Directory I get a “host not found”. I also erased
> the ITL file just to be sure that wasn’t the problem. That didn’t resolve
> the issue. Show itl looks good on the Pub, but again I’ve disabled SBD. So
> it shouldn’t matter.
>
>
>
> Is Corporate Directory just not available unless SBD is turned on?
>
>
>
>
>
>
>
> 7945 Phone Console log
>
> |== Syslogd TNP== Mon May 5 14:46:37 2014
>
> ====================================================
>
> 6406: ERR 14:46:37.942214 SECD: EROR:clpSetupSsl: SSL/TLS handshake
> failed, <10.88.233.101> c:9 s:10
>
> 6407: ERR 14:46:37.942965 SECD: EROR:clpSetupSsl: SSL/TLS setup failed,
> <10.88.233.101> c:9 s:10
>
> 6408: ERR 14:46:37.943683 SECD: EROR:clpSndStatus: SSL CLNT ERR,
> srvr<10.88.233.101>
>
> 6409: ERR 14:46:37.944303 SECD: EROR:secErr_errStr: *** bad err table ***
>
> 6410: ERR 14:46:37.944981 SECD: EROR:secErr_errStr: ** SEC-ERR:
> code:3(N/A) subcode:9(UNKNOWN_CERT)
>
> 6411: ERR 14:46:37.945654 SECD: EROR:clpSndStatus: ** SEC-ERR: desc <HTTPS
> cert not in CTL>
>
> 6412: ERR 14:46:37.971834 JVM: Entering StcpOpenActiveSSL
>
> 6413: ERR 14:46:37.972504 JVM: Attempting HTTPS connect to 10.88.233.101
>
> 6414: ERR 14:46:37.975250 JVM: TLS connect pending
>
> 6415: ERR 14:46:37.975880 JVM: Leaving StcpOpenActiveSSL
>
> 6416: NOT 14:46:37.978149 SECD: clpDelClnt: closing conn to
> <10.88.233.101>, c:9, s:10
>
> 6417: NOT 14:46:37.979860 SECD: clpDelClnt: Adding a one second delay
> before we close the local socket
>
>
>
> 6418: NOT 14:46:37.983042 SECD: clpGetConnParams: IP Mode is 0, addr :
> 10.88.233.101
>
>
>
> 6419: NOT 14:46:37.983804 SECD: clpSetupSsl: IP TOS : 0
>
>
>
> 6420: NOT 14:46:37.984904 SECD: clpSetupSsl: HTTPS SSL/TLS req
> <10.88.233.101, TOS 0>
>
> 6421: WRN 14:46:37.986486 SECD: WARN:clpSetupSsl: no LSC for HTTPS, will
> try MIC, <10.88.233.101> c:11
>
> 6422: NOT 14:46:37.987268 SECD: clpSetupSsl: HTTPS, TLSv1, cert MIC,
> cipher [AES256-SHA:AES128-SHA:DES-CBC3-SHA]
>
> 6423: NOT 14:46:37.988270 SECD: clpSetupSsl: binding to lport
>
> 6424: NOT 14:46:37.988991 SECD: clpSetupSsl: setsockopt SOL_SOCKET set
>
>
>
> 6425: NOT 14:46:37.989655 SECD: clpSetupSsl: Set the TCP keepalive option
>
>
>
> 6426: NOT 14:46:37.991635 SECD: clpSetupSsl: binding to , <(null)>:<0>
>
> 6427: NOT 14:46:37.992502 SECD: clpSetupSsl: Trying to connect to IPV4,
> IP: 10.88.233.101, Port : 8443
>
> 6428: NOT 14:46:37.993574 SECD: clpSetupSsl: TCP connect() waiting,
> <10.88.233.101> c:11 s:10 port: 8443
>
> 6429: NOT 14:46:37.994792 SECD: clpSetupSsl: TCP connected,
> <10.88.233.101> c:11 s:10
>
> 6430: NOT 14:46:37.995658 SECD: clpSetupSsl: start SSL/TLS handshake,
> <10.88.233.101> c:11 s:10
>
> 6431: NOT 14:46:38.001216 SECD: srvr_cert_vfy: Server Certificate
> Validation needs to be done
>
> 6432: NOT 14:46:38.002712 SECD: findByIssuerAndSerialAndRoleInTL:
> Searching TL from CTL file
>
> 6433: NOT 14:46:38.003515 SECD: findByIssuerAndSerialAndRoleInTL:
> Searching TL from ITL file
>
> 6434: WRN 14:46:38.004221 SECD: WARN:getSubjectCTLentry: default lookup
> failed, try lookup using DN
>
> 6435: NOT 14:46:38.004896 SECD: findByCertAndRoleInTL: Searching TL from
> CTL file
>
> 6436: NOT 14:46:38.005562 SECD: findByCertAndRoleInTL: Searching TL from
> ITL file
>
> 6437: ERR 14:46:38.006260 SECD: EROR:https_cert_vfy: HTTPS cert not in
> CTL, <10.88.233.101>
>
> 6438: NOT 14:46:38.007020 SECD: srvr_cert_vfy: ** srvr cert verify FAILED
> ** <10.88.233.101>
>
> 6439: ERR 14:46:38.008171 SECD: EROR:clpState: SSL3 alert
> write:fatal:handshake failure:<10.88.233.101>
>
> 6440: ERR 14:46:38.009273 SECD: EROR:clpSetupSsl: ** SSL handshake failed,
> <10.88.233.101> c:11 s:10
>
> 6441: ERR 14:46:38.011328 SECD: EROR:clpSetupSsl: SSL/TLS handshake
> failed, <10.88.233.101> c:11 s:10
>
> 6442: ERR 14:46:38.012058 SECD: EROR:clpSetupSsl: SSL/TLS setup failed,
> <10.88.233.101> c:11 s:10
>
> 6443: ERR 14:46:38.012784 SECD: EROR:clpSndStatus: SSL CLNT ERR,
> srvr<10.88.233.101>
>
> 6444: ERR 14:46:38.013473 SECD: EROR:secErr_errStr: *** bad err table ***
>
> 6445: ERR 14:46:38.014168 SECD: EROR:secErr_errStr: ** SEC-ERR:
> code:3(N/A) subcode:9(UNKNOWN_CERT)
>
> 6446: ERR 14:46:38.014843 SECD: EROR:clpSndStatus: ** SEC-ERR: desc <HTTPS
> cert not in CTL>
>
> 6447: ERR 14:46:38.031312 JVM: Entering StcpOpenActiveSSL
>
> 6448: ERR 14:46:38.031990 JVM: Attempting HTTPS connect to 10.88.233.101
>
> 6449: ERR 14:46:38.034667 JVM: TLS connect pending
>
> 6450: ERR 14:46:38.035347 JVM: Leaving StcpOpenActiveSSL
>
> 6451: NOT 14:46:38.036612 SECD: clpDelClnt: closing conn to
> <10.88.233.101>, c:11, s:10
>
> 6452: NOT 14:46:38.038317 SECD: clpDelClnt: Adding a one second delay
> before we close the local socket
>
>
>
> 6453: NOT 14:46:38.040534 SECD: clpGetConnParams: IP Mode is 0, addr :
> 10.88.233.101
>
>
>
> 6454: NOT 14:46:38.041278 SECD: clpSetupSsl: IP TOS : 0
>
>
>
> 6455: NOT 14:46:38.042421 SECD: clpSetupSsl: HTTPS SSL/TLS req
> <10.88.233.101, TOS 0>
>
> 6456: WRN 14:46:38.044006 SECD: WARN:clpSetupSsl: no LSC for HTTPS, will
> try MIC, <10.88.233.101> c:12
>
> 6457: NOT 14:46:38.044799 SECD: clpSetupSsl: HTTPS, TLSv1, cert MIC,
> cipher [AES256-SHA:AES128-SHA:DES-CBC3-SHA]
>
> 6458: NOT 14:46:38.045788 SECD: clpSetupSsl: binding to lport
>
> 6459: NOT 14:46:38.046519 SECD: clpSetupSsl: setsockopt SOL_SOCKET set
>
>
>
> 6460: NOT 14:46:38.047183 SECD: clpSetupSsl: Set the TCP keepalive option
>
>
>
> 6461: NOT 14:46:38.047868 SECD: clpSetupSsl: binding to , <(null)>:<0>
>
> 6462: NOT 14:46:38.048644 SECD: clpSetupSsl: Trying to connect to IPV4,
> IP: 10.88.233.101, Port : 8443
>
> 6463: NOT 14:46:38.049777 SECD: clpSetupSsl: TCP connect() waiting,
> <10.88.233.101> c:12 s:10 port: 8443
>
> 6464: NOT 14:46:38.052303 SECD: clpSetupSsl: TCP connected,
> <10.88.233.101> c:12 s:10
>
> 6465: NOT 14:46:38.053150 SECD: clpSetupSsl: start SSL/TLS handshake,
> <10.88.233.101> c:12 s:10
>
> 6466: NOT 14:46:38.058035 SECD: srvr_cert_vfy: Server Certificate
> Validation needs to be done
>
> 6467: NOT 14:46:38.059539 SECD: findByIssuerAndSerialAndRoleInTL:
> Searching TL from CTL file
>
> 6468: NOT 14:46:38.066141 SECD: findByIssuerAndSerialAndRoleInTL:
> Searching TL from ITL file
>
> 6469: WRN 14:46:38.067100 SECD: WARN:getSubjectCTLentry: default lookup
> failed, try lookup using DN
>
> 6470: NOT 14:46:38.067801 SECD: findByCertAndRoleInTL: Searching TL from
> CTL file
>
> 6471: NOT 14:46:38.068715 SECD: findByCertAndRoleInTL: Searching TL from
> ITL file
>
> 6472: ERR 14:46:38.069643 SECD: EROR:https_cert_vfy: HTTPS cert not in
> CTL, <10.88.233.101>
>
> 6473: NOT 14:46:38.072027 SECD: srvr_cert_vfy: ** srvr cert verify FAILED
> ** <10.88.233.101>
>
> 6474: ERR 14:46:38.074086 SECD: EROR:clpState: SSL3 alert
> write:fatal:handshake failure:<10.88.233.101>
>
> 6475: ERR 14:46:38.075260 SECD: EROR:clpSetupSsl: ** SSL handshake failed,
> <10.88.233.101> c:12 s:10
>
> 6476: ERR 14:46:38.076038 SECD: EROR:clpSetupSsl: SSL/TLS handshake
> failed, <10.88.233.101> c:12 s:10
>
> 6477: ERR 14:46:38.076977 SECD: EROR:clpSetupSsl: SSL/TLS setup failed,
> <10.88.233.101> c:12 s:10
>
> 6478: ERR 14:46:38.077956 SECD: EROR:clpSndStatus: SSL CLNT ERR,
> srvr<10.88.233.101>
>
> 6479: ERR 14:46:38.078662 SECD: EROR:secErr_errStr: *** bad err table ***
>
> 6480: ERR 14:46:38.079529 SECD: EROR:secErr_errStr: ** SEC-ERR:
> code:3(N/A) subcode:9(UNKNOWN_CERT)
>
> 6481: ERR 14:46:38.080764 SECD: EROR:clpSndStatus: ** SEC-ERR: desc <HTTPS
> cert not in CTL>
>
> 6482: WRN 14:46:38.105233 JVM: Startup Module Loader|cip.http.ae:? -
> listener.httpFailed
>
> 6483: NOT 14:46:38.164083 SECD: clpDelClnt: closing conn to
> <10.88.233.101>, c:12, s:10
>
> 6484: NOT 14:46:38.166683 SECD: clpDelClnt: Adding a one second delay
> before we close the local socket
>
>
>
> 6485: WRN 14:46:39.086678 CDP-D: lldpInetdStatsRsp: port: 1
>
> 6486: WRN 14:46:40.541299 JVM: Startup Module Loader|HttpClientTask:? -
> Current State = 2 this=cip.http.ae at 5301c7
>
> 6487: ERR 14:46:40.573518 JVM: WcAnalyzeUrl: Port = 8443, scheme =
> eWcSchemeHttps, fHostName =
>
> 6488: ERR 14:46:40.574255 JVM: Not TLS <1> or Not DefaultTls Port <8443>
>
> 6489: ERR 14:46:40.590516 JVM: Entering StcpOpenActiveSSL
>
> 6490: ERR 14:46:40.591245 JVM: Attempting HTTPS connect to 10.88.233.101
>
> 6491: ERR 14:46:40.593806 JVM: TLS connect pending
>
> 6492: ERR 14:46:40.594443 JVM: Leaving StcpOpenActiveSSL
>
> 6493: NOT 14:46:40.600547 SECD: clpGetConnParams: IP Mode is 0, addr :
> 10.88.233.101
>
>
>
> 6494: NOT 14:46:40.601306 SECD: clpSetupSsl: IP TOS : 0
>
>
>
> 6495: NOT 14:46:40.602460 SECD: clpSetupSsl: HTTPS SSL/TLS req
> <10.88.233.101, TOS 0>
>
> 6496: WRN 14:46:40.603970 SECD: WARN:clpSetupSsl: no LSC for HTTPS, will
> try MIC, <10.88.233.101> c:9
>
> 6497: NOT 14:46:40.604802 SECD: clpSetupSsl: HTTPS, TLSv1, cert MIC,
> cipher [AES256-SHA:AES128-SHA:DES-CBC3-SHA]
>
> 6498: NOT 14:46:40.605802 SECD: clpSetupSsl: binding to lport
>
> 6499: NOT 14:46:40.606527 SECD: clpSetupSsl: setsockopt SOL_SOCKET set
>
>
>
> 6500: NOT 14:46:40.607194 SECD: clpSetupSsl: Set the TCP keepalive option
>
>
>
> 6501: NOT 14:46:40.607875 SECD: clpSetupSsl: binding to , <(null)>:<0>
>
> 6502: NOT 14:46:40.608648 SECD: clpSetupSsl: Trying to connect to IPV4,
> IP: 10.88.233.101, Port : 8443
>
> 6503: NOT 14:46:40.609739 SECD: clpSetupSsl: TCP connect() waiting,
> <10.88.233.101> c:9 s:10 port: 8443
>
> 6504: NOT 14:46:40.612299 SECD: clpSetupSsl: TCP connected,
> <10.88.233.101> c:9 s:10
>
> 6505: NOT 14:46:40.613167 SECD: clpSetupSsl: start SSL/TLS handshake,
> <10.88.233.101> c:9 s:10
>
> 6506: NOT 14:46:40.618252 SECD: srvr_cert_vfy: Server Certificate
> Validation needs to be done
>
> 6507: NOT 14:46:40.619760 SECD: findByIssuerAndSerialAndRoleInTL:
> Searching TL from CTL file
>
> 6508: NOT 14:46:40.620895 SECD: findByIssuerAndSerialAndRoleInTL:
> Searching TL from ITL file
>
> 6509: WRN 14:46:40.621660 SECD: WARN:getSubjectCTLentry: default lookup
> failed, try lookup using DN
>
> 6510: NOT 14:46:40.622347 SECD: findByCertAndRoleInTL: Searching TL from
> CTL file
>
> 6511: NOT 14:46:40.623015 SECD: findByCertAndRoleInTL: Searching TL from
> ITL file
>
> 6512: ERR 14:46:40.623662 SECD: EROR:https_cert_vfy: HTTPS cert not in
> CTL, <10.88.233.101>
>
> 6513: NOT 14:46:40.624376 SECD: srvr_cert_vfy: ** srvr cert verify FAILED
> ** <10.88.233.101>
>
> 6514: ERR 14:46:40.625576 SECD: EROR:clpState: SSL3 alert
> write:fatal:handshake failure:<10.88.233.101>
>
> 6515: ERR 14:46:40.626671 SECD: EROR:clpSetupSsl: ** SSL handshake failed,
> <10.88.233.101> c:9 s:10
>
> 6516: ERR 14:46:40.627417 SECD: EROR:clpSetupSsl: SSL/TLS handshake
> failed, <10.88.233.101> c:9 s:10
>
> 6517: ERR 14:46:40.628133 SECD: EROR:clpSetupSsl: SSL/TLS setup failed,
> <10.88.233.101> c:9 s:10
>
> 6518: ERR 14:46:40.628819 SECD: EROR:clpSndStatus: SSL CLNT ERR,
> srvr<10.88.233.101>
>
> 6519: ERR 14:46:40.629479 SECD: EROR:secErr_errStr: *** bad err table ***
>
> 6520: ERR 14:46:40.631492 SECD: EROR:secErr_errStr: ** SEC-ERR:
> code:3(N/A) subcode:9(UNKNOWN_CERT)
>
> 6521: ERR 14:46:40.632202 SECD: EROR:clpSndStatus: ** SEC-ERR: desc <HTTPS
> cert not in CTL>
>
> 6522: ERR 14:46:40.654312 JVM: Entering StcpOpenActiveSSL
>
> 6523: ERR 14:46:40.654988 JVM: Attempting HTTPS connect to 10.88.233.101
>
> 6524: ERR 14:46:40.657678 JVM: TLS connect pending
>
> 6525: ERR 14:46:40.658302 JVM: Leaving StcpOpenActiveSSL
>
> 6526: NOT 14:46:40.662375 SECD: clpDelClnt: closing conn to
> <10.88.233.101>, c:9, s:10
>
> 6527: NOT 14:46:40.664389 SECD: clpDelClnt: Adding a one second delay
> before we close the local socket
>
>
>
> 6528: NOT 14:46:40.667265 SECD: clpGetConnParams: IP Mode is 0, addr :
> 10.88.233.101
>
>
>
> 6529: NOT 14:46:40.668021 SECD: clpSetupSsl: IP TOS : 0
>
>
>
> 6530: NOT 14:46:40.669161 SECD: clpSetupSsl: HTTPS SSL/TLS req
> <10.88.233.101, TOS 0>
>
> 6531: WRN 14:46:40.671939 SECD: WARN:clpSetupSsl: no LSC for HTTPS, will
> try MIC, <10.88.233.101> c:11
>
> 6532: NOT 14:46:40.672734 SECD: clpSetupSsl: HTTPS, TLSv1, cert MIC,
> cipher [AES256-SHA:AES128-SHA:DES-CBC3-SHA]
>
> 6533: NOT 14:46:40.673766 SECD: clpSetupSsl: binding to lport
>
> 6534: NOT 14:46:40.674488 SECD: clpSetupSsl: setsockopt SOL_SOCKET set
>
>
>
> 6535: NOT 14:46:40.675149 SECD: clpSetupSsl: Set the TCP keepalive option
>
>
>
> 6536: NOT 14:46:40.675834 SECD: clpSetupSsl: binding to , <(null)>:<0>
>
> 6537: NOT 14:46:40.676606 SECD: clpSetupSsl: Trying to connect to IPV4,
> IP: 10.88.233.101, Port : 8443
>
> 6538: NOT 14:46:40.677628 SECD: clpSetupSsl: TCP connect() waiting,
> <10.88.233.101> c:11 s:10 port: 8443
>
> 6539: NOT 14:46:40.678905 SECD: clpSetupSsl: TCP connected,
> <10.88.233.101> c:11 s:10
>
> 6540: NOT 14:46:40.679770 SECD: clpSetupSsl: start SSL/TLS handshake,
> <10.88.233.101> c:11 s:10
>
> 6541: NOT 14:46:40.686198 SECD: srvr_cert_vfy: Server Certificate
> Validation needs to be done
>
> 6542: NOT 14:46:40.687709 SECD: findByIssuerAndSerialAndRoleInTL:
> Searching TL from CTL file
>
> 6543: NOT 14:46:40.688466 SECD: findByIssuerAndSerialAndRoleInTL:
> Searching TL from ITL file
>
> 6544: WRN 14:46:40.689215 SECD: WARN:getSubjectCTLentry: default lookup
> failed, try lookup using DN
>
> 6545: NOT 14:46:40.689899 SECD: findByCertAndRoleInTL: Searching TL from
> CTL file
>
> 6546: NOT 14:46:40.691758 SECD: findByCertAndRoleInTL: Searching TL from
> ITL file
>
> 6547: ERR 14:46:40.692506 SECD: EROR:https_cert_vfy: HTTPS cert not in
> CTL, <10.88.233.101>
>
> 6548: NOT 14:46:40.693215 SECD: srvr_cert_vfy: ** srvr cert verify FAILED
> ** <10.88.233.101>
>
> 6549: ERR 14:46:40.694368 SECD: EROR:clpState: SSL3 alert
> write:fatal:handshake failure:<10.88.233.101>
>
> 6550: ERR 14:46:40.695536 SECD: EROR:clpSetupSsl: ** SSL handshake failed,
> <10.88.233.101> c:11 s:10
>
> 6551: ERR 14:46:40.696283 SECD: EROR:clpSetupSsl: SSL/TLS handshake
> failed, <10.88.233.101> c:11 s:10
>
> 6552: ERR 14:46:40.696990 SECD: EROR:clpSetupSsl: SSL/TLS setup failed,
> <10.88.233.101> c:11 s:10
>
> 6553: ERR 14:46:40.697675 SECD: EROR:clpSndStatus: SSL CLNT ERR,
> srvr<10.88.233.101>
>
> 6554: ERR 14:46:40.698352 SECD: EROR:secErr_errStr: *** bad err table ***
>
> 6555: ERR 14:46:40.699084 SECD: EROR:secErr_errStr: ** SEC-ERR:
> code:3(N/A) subcode:9(UNKNOWN_CERT)
>
> 6556: ERR 14:46:40.699755 SECD: EROR:clpSndStatus: ** SEC-ERR: desc <HTTPS
> cert not in CTL>
>
> 6557: ERR 14:46:40.711280 JVM: Entering StcpOpenActiveSSL
>
> 6558: ERR 14:46:40.711965 JVM: Attempting HTTPS connect to 10.88.233.101
>
> 6559: ERR 14:46:40.714647 JVM: TLS connect pending
>
> 6560: ERR 14:46:40.715275 JVM: Leaving StcpOpenActiveSSL
>
> 6561: NOT 14:46:40.726781 SECD: clpDelClnt: closing conn to
> <10.88.233.101>, c:11, s:10
>
> 6562: NOT 14:46:40.729492 SECD: clpDelClnt: Adding a one second delay
> before we close the local socket
>
>
>
> 6563: NOT 14:46:40.738420 SECD: clpGetConnParams: IP Mode is 0, addr :
> 10.88.233.101
>
>
>
> 6564: NOT 14:46:40.739392 SECD: clpSetupSsl: IP TOS : 0
>
>
>
> 6565: NOT 14:46:40.742081 SECD: clpSetupSsl: HTTPS SSL/TLS req
> <10.88.233.101, TOS 0>
>
> 6566: WRN 14:46:40.743962 SECD: WARN:clpSetupSsl: no LSC for HTTPS, will
> try MIC, <10.88.233.101> c:12
>
> 6567: NOT 14:46:40.744961 SECD: clpSetupSsl: HTTPS, TLSv1, cert MIC,
> cipher [AES256-SHA:AES128-SHA:DES-CBC3-SHA]
>
> 6568: NOT 14:46:40.746263 SECD: clpSetupSsl: binding to lport
>
> 6569: NOT 14:46:40.746995 SECD: clpSetupSsl: setsockopt SOL_SOCKET set
>
>
>
> 6570: NOT 14:46:40.747935 SECD: clpSetupSsl: Set the TCP keepalive option
>
>
>
> 6571: NOT 14:46:40.748852 SECD: clpSetupSsl: binding to , <(null)>:<0>
>
> 6572: NOT 14:46:40.749652 SECD: clpSetupSsl: Trying to connect to IPV4,
> IP: 10.88.233.101, Port : 8443
>
> 6573: NOT 14:46:40.752569 SECD: clpSetupSsl: TCP connect() waiting,
> <10.88.233.101> c:12 s:10 port: 8443
>
> 6574: NOT 14:46:40.754342 SECD: clpSetupSsl: TCP connected,
> <10.88.233.101> c:12 s:10
>
> 6575: NOT 14:46:40.755237 SECD: clpSetupSsl: start SSL/TLS handshake,
> <10.88.233.101> c:12 s:10
>
> 6576: NOT 14:46:40.761830 SECD: srvr_cert_vfy: Server Certificate
> Validation needs to be done
>
> 6577: NOT 14:46:40.763543 SECD: findByIssuerAndSerialAndRoleInTL:
> Searching TL from CTL file
>
> 6578: NOT 14:46:40.764523 SECD: findByIssuerAndSerialAndRoleInTL:
> Searching TL from ITL file
>
> 6579: WRN 14:46:40.765531 SECD: WARN:getSubjectCTLentry: default lookup
> failed, try lookup using DN
>
> 6580: NOT 14:46:40.766236 SECD: findByCertAndRoleInTL: Searching TL from
> CTL file
>
> 6581: NOT 14:46:40.767122 SECD: findByCertAndRoleInTL: Searching TL from
> ITL file
>
> 6582: ERR 14:46:40.767844 SECD: EROR:https_cert_vfy: HTTPS cert not in
> CTL, <172.19.233.101>
>
> 6583: NOT 14:46:40.768794 SECD: srvr_cert_vfy: ** srvr cert verify FAILED
> ** <172.19.233.101>
>
> 6584: ERR 14:46:40.772107 SECD: EROR:clpState: SSL3 alert
> write:fatal:handshake failure:<172.19.233.101>
>
> 6585: ERR 14:46:40.773270 SECD: EROR:clpSetupSsl: ** SSL handshake failed,
> <172.19.233.101> c:12 s:10
>
> 6586: ERR 14:46:40.774239 SECD: EROR:clpSetupSsl: SSL/TLS handshake
> failed, <172.19.233.101> c:12 s:10
>
> 6587: ERR 14:46:40.775243 SECD: EROR:clpSetupSsl: SSL/TLS setup failed,
> <172.19.233.101> c:12 s:10
>
> 6588: ERR 14:46:40.775968 SECD: EROR:clpSndStatus: SSL CLNT ERR,
> srvr<172.19.233.101>
>
> 6589: ERR 14:46:40.776868 SECD: EROR:secErr_errStr: *** bad err table ***
>
> 6590: ERR 14:46:40.777633 SECD: EROR:secErr_errStr: ** SEC-ERR:
> code:3(N/A) subcode:9(UNKNOWN_CERT)
>
> 6591: ERR 14:46:40.778542 SECD: EROR:clpSndStatus: ** SEC-ERR: desc <HTTPS
> cert not in CTL>
>
> 6592: WRN 14:46:40.799928 JVM: Startup Module Loader|cip.http.ae:? -
> listener.httpFailed
>
> 6593: NOT 14:46:40.846889 SECD: clpDelClnt: closing conn to
> <172.19.233.101>, c:12, s:10
>
> 6594: NOT 14:46:40.849538 SECD: clpDelClnt: Adding a one second delay
> before we close the local socket
>
>
>
>
>
>
>
>
>
>
>
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
>
>
>
> itevomcid
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20140506/7dee1067/attachment.html>
More information about the cisco-voip
mailing list