[cisco-voip] CA Certs applied to CUCM & IMP

Nick csvoip at googlemail.com
Mon Mar 12 05:45:36 EDT 2018


Thanks guys, that's sorted me out now, ran that command and I could see
that the certificate could not be verified so I uploaded the root certs
again directly to the IMP tomcat-trust and all is good now. They were
previously uploaded via the CUCM.


On 9 March 2018 at 01:10, Daniel <daniel at ohnesorge.me> wrote:

> That works great!
>
> So Nick, run the command 'file tail activelog tomcat/logs/cupadmin/log4j
> recent' and then visit the Cluster Topology page.
>
> On 9/3/18 11:40 am, Anthony Holloway wrote:
>
> Actually, just put "recent" at the end of your tail command.
>
> On Mar 8, 2018 4:35 PM, "Daniel" <daniel at ohnesorge.me> wrote:
>
>> You will get a good understanding of whats happening by running the
>> command 'file list activelog tomcat/logs/cupadmin/log4j date detail' and
>> then 'file tail activelog tomcat/logs/cupadmin/log4j/cupadminXXXXX.log'
>> where cupadminXXXXX.log is the latest file from the first output. Then
>> visiting the page where you see Unknown and you should see some certificate
>> related errors.
>>
>> On 9/3/18 9:25 am, Nick via cisco-voip wrote:
>>
>> Hi Anthony, forgot to mention it yes, cup-xmpp was also added at the same
>> time.
>>
>> On 8 March 2018 at 18:48, Anthony Holloway <avholloway+cisco-voip at gmail.c
>> om> wrote:
>>
>>> You didn't mention it, so maybe you forgot to also do the IM&P cup-xmpp
>>> cert in additional to Tomcat?
>>>
>>> On Thu, Mar 8, 2018 at 12:17 PM Nick via cisco-voip <
>>> cisco-voip at puck.nether.net> wrote:
>>>
>>>> Just completed a new build of CUCM and IM&P to 11.5.1 SU4, I then
>>>> generated Multi SAN Tomcat certs and applied these to the servers which are
>>>> working fine when I browse to any of the nodes.
>>>>
>>>> Since applying the certs the the nodes under the DefaultSubCluster on
>>>> the presence Topology page are showing with red crosses and the services
>>>> for each node are showing as Unknown.
>>>>
>>>> The Presence Redundancy group in CUCM is showing as both nodes in
>>>> normal state and IM&P is working correctly.
>>>>
>>>> The system troubleshooter is reporting
>>>>
>>>> Could not determine the status of the Cisco IM and Presence Data
>>>> monitor Service on the following nodes and XCP Troubleshooter shows
>>>>
>>>> The Cisco XCP Connection Manager and Cisco XCP Authentication Service
>>>> is currently down but both of the services are started up.
>>>>
>>>> All is working as expected so is cosmetic but needs resolving.
>>>>
>>>> Anyone had similar issues after applying CA signed certs?
>>>>
>>>> Regards
>>>>
>>>> Nick
>>>> _______________________________________________
>>>> cisco-voip mailing list
>>>> cisco-voip at puck.nether.net
>>>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>>>
>>>
>>
>>
>> _______________________________________________
>> cisco-voip mailing listcisco-voip at puck.nether.nethttps://puck.nether.net/mailman/listinfo/cisco-voip
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20180312/d32edadf/attachment.html>


More information about the cisco-voip mailing list