[cisco-voip] Serious 11.5 installation defect

Abhiram Kramadhati (akramadh) akramadh at cisco.com
Wed Aug 24 21:39:20 EDT 2016


Just a quick update. We tested this with UCCX/CUIC/Finesse 11.5 and the issue is not seen. The issue seems to be with the encryption method.

In UCCX/CUIC/Finesse:
((/usr/local/platform/.security/dkey_status.txt file and install.log:08/23/2016 15:25:44 InstallWizard|ccmEncryptionConfigOptional:dynamicKeyCCMEncryption='optional'.|<LVL::Debug>).

In CUCM:
(/usr/local/platform/.security/dkey_status.txt file and also from the installation log install.log:08/10/2016 21:36:10 InstallWizard|ccmEncryptionConfigOptional: dynamicKeyCCMEncryption='enable'.|<LVL::Debug>) .

With the encryptionAPI used in CUCM, the length of the encrypted password is going beyond 64 characters and that could be the problem (but that is not confirmed yet). We'll monitor this and take the necessary action if anything is needed on the contact centre products. Thanks.

Regards,
Abhiram Kramadhati
Technical Solutions Manager, CCBU
CCIE Collaboration # 40065


From: cisco-voip <cisco-voip-bounces at puck.nether.net<mailto:cisco-voip-bounces at puck.nether.net>> on behalf of Anthony Holloway <avholloway+cisco-voip at gmail.com<mailto:avholloway+cisco-voip at gmail.com>>
Date: Monday, 22 August 2016 at 1:57 PM
To: "daniel at ohnesorge.me<mailto:daniel at ohnesorge.me>" <daniel at ohnesorge.me<mailto:daniel at ohnesorge.me>>
Cc: Cisco VoIP Group <cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>>
Subject: Re: [cisco-voip] Serious 11.5 installation defect

Wow, good to know, but I cannot say that I have ever seen a password that long on a server before.  That's a first for me.  I tend to still use 8 character length.  Old habit, I'm sure.

Are you consistently deploy 16+ character passwords now a days?

On Sun, Aug 21, 2016 at 5:54 PM, Daniel Ohnesorge via cisco-voip <cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>> wrote:
Hi All,

Just wanted to make you all aware of a serious installation defect with 11.5 that the Cisco DE's are currently investigating and will soon be raising a new defect against.

Basically, the CUCM Publisher installation goes ahead fine but once you try to install any subscriber (including the CUPS DB PUB), the installation will fail after all Network and Connectivity checks passed. It has taken TAC, BU and DE's 2 weeks to figure out what was going wrong, it turns out that the password used for the Application User is too long (even though it is withing documentation guidelines). The password I used was 1 Uppercase, 14 lowercase, 1 number and 1 special character (underscore). DE's have been able to replicate the issue in the lab using the same complexity. When using a password such as ipcbu123 the installation is successful. This affects CUCM, CUPS and CUC.

Thanks,
Daniel
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20160825/e309a16a/attachment.html>


More information about the cisco-voip mailing list