<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Lucida Console";
panose-1:2 11 6 9 4 5 4 2 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0cm;
margin-right:0cm;
margin-bottom:0cm;
margin-left:36.0pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
span.normaltextrun
{mso-style-name:normaltextrun;}
span.EmailStyle26
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:376853400;
mso-list-type:hybrid;
mso-list-template-ids:-1754871018 201916431 201916441 201916443 201916431 201916441 201916443 201916431 201916441 201916443;}
@list l0:level1
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l0:level2
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l0:level3
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l0:level4
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l0:level5
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l0:level6
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l0:level7
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l0:level8
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l0:level9
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l1
{mso-list-id:646591685;
mso-list-template-ids:1495936194;}
@list l1:level1
{mso-level-start-at:3;
mso-level-tab-stop:36.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l2
{mso-list-id:761729518;
mso-list-template-ids:113273926;}
@list l3
{mso-list-id:843324650;
mso-list-type:hybrid;
mso-list-template-ids:974661916 67698703 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
@list l3:level1
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l3:level2
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l3:level3
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l3:level4
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l3:level5
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l3:level6
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l3:level7
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l3:level8
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l3:level9
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l4
{mso-list-id:1122068080;
mso-list-template-ids:710458340;}
ol
{margin-bottom:0cm;}
ul
{margin-bottom:0cm;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-AU link=blue vlink=purple style='word-wrap:break-word'><div class=WordSection1><p class=MsoNormal><span class=normaltextrun><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;background:white'>This is how I stop the cert error,<o:p></o:p></span></span></p><p class=MsoNormal><span class=normaltextrun><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;background:white'>As you stated, clear the cache folders and then use the following installation switch, it works 100% on Jabber version 12.9.5<o:p></o:p></span></span></p><p class=MsoNormal><span class=normaltextrun><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;background:white'>msiexec.exe /i CiscoJabberSetup.msi CLEAR=1 EXCLUDED_SERVICES=WEBEX UPN_DISCOVERY_ENABLED=false<o:p></o:p></span></span></p><p class=MsoNormal><span class=normaltextrun><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;background:white'><o:p> </o:p></span></span></p><p class=MsoNormal><span class=normaltextrun><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;background:white'>Gary</span></span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;mso-fareast-language:EN-US'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;mso-fareast-language:EN-US'><o:p> </o:p></span></p><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm'><p class=MsoNormal><b><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif'>From:</span></b><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif'> cisco-voip <cisco-voip-bounces@puck.nether.net> <b>On Behalf Of </b>Riley, Sean<br><b>Sent:</b> Thursday, 9 December 2021 12:36 AM<br><b>To:</b> cisco-voip@puck.nether.net<br><b>Subject:</b> Re: [cisco-voip] [External] Jabber Users Prompted To Accept Webex Cert<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>I received the same answer from tac as others. They have a but ID, but the workaround to disable telemetry is incorrect as we have had this disabled in the xml for a couple of years now. We will be upgrading with the install switch to disable webex going forward. Hopefully this puts a stop to this cert warning.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><a href="https://quickview.cloudapps.cisco.com/quickview/bug/CSCvg82067">https://quickview.cloudapps.cisco.com/quickview/bug/CSCvg82067</a><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>From support:<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>One of the workarounds that I mentioned was to disable the Webex service, do you think you can try that?<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>Uninstall Jabber, clear the cache and install it with the following command:<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>msiexec.exe CiscoJabberSetup.msi CLEAR=1 EXCLUDED_SERVICES=Webex<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><b><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif'>From:</span></b><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif'> cisco-voip <<a href="mailto:cisco-voip-bounces@puck.nether.net">cisco-voip-bounces@puck.nether.net</a>> <b>On Behalf Of </b>Riley, Sean<br><b>Sent:</b> Tuesday, November 30, 2021 12:17 PM<br><b>To:</b> <a href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</a><br><b>Subject:</b> Re: [cisco-voip] [External] Jabber Users Prompted To Accept Webex Cert<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>We did not start to see the cert warnings until 11/15/21. Not sure if that helps correlate with a certificate expiring, etc.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><b><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif'>From:</span></b><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif'> Lelio Fulgenzi <<a href="mailto:lelio@uoguelph.ca">lelio@uoguelph.ca</a>> <br><b>Sent:</b> Monday, November 29, 2021 6:18 PM<br><b>To:</b> <a href="mailto:gbates@commandsolutions.com.au">gbates@commandsolutions.com.au</a><br><b>Cc:</b> Riley, Sean <<a href="mailto:SRiley@robinsonbradshaw.com">SRiley@robinsonbradshaw.com</a>>; <a href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</a><br><b>Subject:</b> Re: [cisco-voip] [External] Jabber Users Prompted To Accept Webex Cert<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US>They better come up with a better workaround to re-installing all our clients. <o:p></o:p></span></p><div><p class=MsoNormal><span lang=EN-US><o:p> </o:p></span></p></div><div><p class=MsoNormal><span lang=EN-US>If Jabber has a built in procedure, then they really need to make sure it works. <o:p></o:p></span></p></div><div><p class=MsoNormal><span lang=EN-US><o:p> </o:p></span></p></div><div><p class=MsoNormal><span lang=EN-US>Why are we all of a sudden seeing these cert issues? <o:p></o:p></span></p></div><div><p class=MsoNormal><span lang=EN-US><o:p> </o:p></span></p></div><div><p class=MsoNormal style='margin-bottom:12.0pt'><span lang=EN-US>This downloading of fixes really needs to be curbed. <o:p></o:p></span></p><div><p class=MsoNormal><span lang=EN-US>Sent from my iPhone<o:p></o:p></span></p></div><div><p class=MsoNormal style='margin-bottom:12.0pt'><span lang=EN-US><o:p> </o:p></span></p><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><p class=MsoNormal style='margin-bottom:12.0pt'><span lang=EN-US>On Nov 29, 2021, at 4:53 PM, Gary_Bates_Command_Solutions <<a href="mailto:gbates@commandsolutions.com.au">gbates@commandsolutions.com.au</a>> wrote:<o:p></o:p></span></p></blockquote></div><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><div><p class=MsoNormal><span lang=EN-US style='font-family:"Tahoma",sans-serif'></span><span lang=EN-US> <o:p></o:p></span></p><div style='border:solid #9C6500 1.0pt;padding:2.0pt 2.0pt 2.0pt 2.0pt'><p class=MsoNormal style='line-height:12.0pt;background:#FFEB9C'><b><span lang=EN-US style='font-size:10.0pt;font-family:"Calibri",sans-serif;color:black'>CAUTION:</span></b><span lang=EN-US style='font-size:10.0pt;font-family:"Calibri",sans-serif;color:black'> This email originated from outside of the University of Guelph. Do not click links or open attachments unless you recognize the sender and know the content is safe. If in doubt, forward suspicious emails to <a href="mailto:IThelp@uoguelph.ca">IThelp@uoguelph.ca</a><o:p></o:p></span></p></div><p class=MsoNormal><span lang=EN-US><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Hi there</span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif'> </span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif'>We experienced this issue with our on-prem Jabber updates,</span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif'> </span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Fix we applied was as follows:</span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif'> </span><span lang=EN-US><o:p></o:p></span></p><ol style='margin-top:0cm' start=1 type=1><li class=MsoNormal style='mso-list:l0 level1 lfo3'><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Do a “clean install” of Jabber (must delete cache files and uninstall old version)</span><span lang=EN-US><o:p></o:p></span></li><li class=MsoNormal style='mso-list:l0 level1 lfo3'><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Wen installing new version, use this installation file with the switch at the end as below</span><span lang=EN-US><o:p></o:p></span></li></ol><p class=MsoListParagraph><span lang=EN-US> <o:p></o:p></span></p><p class=MsoNormal><span class=normaltextrun><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;background:white'>msiexec.exe /i CiscoJabberSetup.msi CLEAR=1 EXCLUDED_SERVICES=WEBEX UPN_DISCOVERY_ENABLED=false</span></span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span class=normaltextrun><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;background:white'> </span></span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span class=normaltextrun><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;background:white'>Our desktop team added a script to clear the cache folders on desktops with previous installations as follows:</span></span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span class=normaltextrun><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;background:white'> </span></span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal style='background:white;text-autospace:none'><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:black'> </span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:darkgreen'>## Deleting all “.\Cisco” folders found on local profiles</span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal style='background:white;text-autospace:none'><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:black'> </span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:blue'>Write-Log</span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:black'> </span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:darkred'>"-----> Deleting all `“.\Cisco`” folders found on local profiles"</span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:black'> </span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal style='background:white;text-autospace:none'><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:black'> </span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:orangered'>$users</span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:black'> </span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:darkgray'>=</span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:black'> </span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:blue'>Get-ChildItem</span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:black'> </span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:navy'>-Path</span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:black'> </span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:darkred'>"C:\Users"</span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal style='background:white;text-autospace:none'><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:black'> </span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:orangered'>$users</span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:black'> </span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:darkgray'>|</span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:black'> </span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:blue'>ForEach-Object</span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:black'> {</span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal style='background:white;text-autospace:none'><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:black'> </span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:blue'>Remove-Folder</span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:black'> </span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:navy'>-Path</span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:black'> </span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:darkred'>"C:\Users\</span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:black'>$(</span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:orangered'>$_</span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:darkgray'>.</span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:black'>Name)</span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:darkred'>\AppData\Local\Cisco"</span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal style='background:white;text-autospace:none'><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:black'> </span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:blue'>Remove-Folder</span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:black'> </span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:navy'>-Path</span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:black'> </span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:darkred'>"C:\Users\</span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:black'>$(</span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:orangered'>$_</span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:darkgray'>.</span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:black'>Name)</span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:darkred'>\AppData\Roaming\Cisco"</span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal style='background:white;text-autospace:none'><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:darkred'> </span><span lang=EN-US><o:p></o:p></span></p><ol style='margin-top:0cm' start=3 type=1><li class=MsoNormal style='color:black;mso-list:l0 level1 lfo3;background:white;text-autospace:none'><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console"'>In the service profile for Jabber, add the “ServiceDiscoveryExcludedServices </span><span lang=EN-US style='font-size:9.0pt;font-family:Wingdings'>à</span><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console"'> WEBEX”</span><span lang=EN-US><o:p></o:p></span></li></ol><p class=MsoListParagraph style='background:white;text-autospace:none'><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Console";color:black'>This will ensure once Jabber is installed and configured, it will no longer try to connect to WEBEX each time the user logins.</span><span lang=EN-US><o:p></o:p></span></p><p class=MsoListParagraph style='background:white;text-autospace:none'><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;background:white'> </span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;background:white'>HTH</span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;background:white'> </span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;background:white'>Gary</span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif'> </span><span lang=EN-US><o:p></o:p></span></p><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm'><p class=MsoNormal><b><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif'>From:</span></b><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif'> cisco-voip <<a href="mailto:cisco-voip-bounces@puck.nether.net">cisco-voip-bounces@puck.nether.net</a>> <b>On Behalf Of </b>Lelio Fulgenzi<br><b>Sent:</b> Tuesday, 30 November 2021 8:24 AM<br><b>To:</b> Riley, Sean <<a href="mailto:SRiley@robinsonbradshaw.com">SRiley@robinsonbradshaw.com</a>><br><b>Cc:</b> <a href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</a><br><b>Subject:</b> Re: [cisco-voip] [External] Jabber Users Prompted To Accept Webex Cert</span><span lang=EN-US><o:p></o:p></span></p></div></div><p class=MsoNormal><span lang=EN-US> <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US>I will likely be opening a case for this. We had a few. Our workstations are not configured to not get root very updates I’ve been told. <o:p></o:p></span></p><div><p class=MsoNormal><span lang=EN-US> <o:p></o:p></span></p></div><div><p class=MsoNormal><span lang=EN-US>We’ve only had a few cases. <o:p></o:p></span></p></div><div><p class=MsoNormal><span lang=EN-US> <o:p></o:p></span></p></div><div><p class=MsoNormal><span lang=EN-US>Not sure this hasn’t made it to an advisory or bug or something. <o:p></o:p></span></p></div><div><p class=MsoNormal><span lang=EN-US> <o:p></o:p></span></p><div><p class=MsoNormal><span lang=EN-US>Sent from my iPhone<o:p></o:p></span></p></div><div><p class=MsoNormal style='margin-bottom:12.0pt'><span lang=EN-US><o:p> </o:p></span></p><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><p class=MsoNormal style='margin-bottom:12.0pt'><span lang=EN-US>On Nov 29, 2021, at 1:04 PM, Riley, Sean <<a href="mailto:SRiley@robinsonbradshaw.com">SRiley@robinsonbradshaw.com</a>> wrote:<o:p></o:p></span></p></blockquote></div><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><div><p class=MsoNormal><span lang=EN-US style='font-family:"Tahoma",sans-serif'></span><span lang=EN-US> <o:p></o:p></span></p><div style='border:solid #9C6500 1.0pt;padding:2.0pt 2.0pt 2.0pt 2.0pt'><p class=MsoNormal style='line-height:12.0pt;background:#FFEB9C'><b><span lang=EN-US style='font-size:10.0pt;font-family:"Calibri",sans-serif;color:black'>CAUTION:</span></b><span lang=EN-US style='font-size:10.0pt;font-family:"Calibri",sans-serif;color:black'> This email originated from outside of the University of Guelph. Do not click links or open attachments unless you recognize the sender and know the content is safe. If in doubt, forward suspicious emails to <a href="mailto:IThelp@uoguelph.ca">IThelp@uoguelph.ca</a></span><span lang=EN-US><o:p></o:p></span></p></div><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif'> </span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>Did anyone come up with a solution to this, other than to tell the users to Accept the Cert?</span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'> </span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>We are completely on prem with no webex services. Clients are v 12.9.6. I was able to reproduce the issue once using a test user account, but have not been able to reproduce since, even after a Jabber reset. Most of my team is running Jabber v 14.x and we have not seen the cert warning. </span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'> </span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>Does a user declining the cert add it to the Untrusted Certificates store in Windows? Maybe that takes priority over a cert in the trusted store? </span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'> </span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>I have done the following, but we still have sporadic reports of the certificate warning from Jabber:</span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'> </span><span lang=EN-US><o:p></o:p></span></p><ol style='margin-top:0cm' start=1 type=1><li class=MsoNormal style='mso-list:l3 level1 lfo7'><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>Ensured the new IdenTrust Commercial Root CA 1 was in CUCM and services restarted on CUCM and IM&P.</span><span lang=EN-US><o:p></o:p></span></li><li class=MsoNormal style='mso-list:l3 level1 lfo7'><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>Added the HydrantID Server CA O1 to the computers trusted store via GPO.</span><span lang=EN-US><o:p></o:p></span></li></ol><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'> </span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>Thanks.</span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'> </span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'> </span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><b><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif'>From:</span></b><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif'> cisco-voip <<a href="mailto:cisco-voip-bounces@puck.nether.net">cisco-voip-bounces@puck.nether.net</a>> <b>On Behalf Of </b>Lelio Fulgenzi<br><b>Sent:</b> Friday, November 12, 2021 3:17 PM<br><b>To:</b> Lelio Fulgenzi <<a href="mailto:lelio@uoguelph.ca">lelio@uoguelph.ca</a>>; Gary Parker <<a href="mailto:G.J.Parker@lboro.ac.uk">G.J.Parker@lboro.ac.uk</a>>; Brian V <<a href="mailto:bvanbens@gmail.com">bvanbens@gmail.com</a>><br><b>Cc:</b> <a href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</a><br><b>Subject:</b> Re: [cisco-voip] [External] Jabber Users Prompted To Accept Webex Cert</span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US> <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US>Darn it. We've started seeing the alerts for some reason. <br><br>Can we just tell people to accept? Argh.<br><br><br>-----Original Message-----<br>From: cisco-voip <<a href="mailto:cisco-voip-bounces@puck.nether.net">cisco-voip-bounces@puck.nether.net</a>> On Behalf Of Lelio Fulgenzi<br>Sent: Friday, November 12, 2021 8:45 AM<br>To: Gary Parker <<a href="mailto:G.J.Parker@lboro.ac.uk">G.J.Parker@lboro.ac.uk</a>>; Brian V <<a href="mailto:bvanbens@gmail.com">bvanbens@gmail.com</a>><br>Cc: <a href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</a><br>Subject: Re: [cisco-voip] [External] Jabber Users Prompted To Accept Webex Cert<br><br>(a) do this<br>(b) don't do this<br><br>Is my favourite part!<br><br>I remember when I first started, I had opened a case, then another, and got two very conflicting opinions from the TAC<br><br>(a) TAC suggests using the T train for voice gateways<br>(b) The TAC suggests staying away from T train for voice gateways<br><br>Or something like that.<br><br>When you're first starting out and have a crush on Cisco, it's very had to work through that.<br><br><br>-----Original Message-----<br>From: Gary Parker <<a href="mailto:G.J.Parker@lboro.ac.uk">G.J.Parker@lboro.ac.uk</a>> <br>Sent: Friday, November 12, 2021 5:24 AM<br>To: Brian V <<a href="mailto:bvanbens@gmail.com">bvanbens@gmail.com</a>><br>Cc: Lelio Fulgenzi <<a href="mailto:lelio@uoguelph.ca">lelio@uoguelph.ca</a>>; NateCCIE <<a href="mailto:nateccie@gmail.com">nateccie@gmail.com</a>>; Johnson, Tim <<a href="mailto:johns10t@cmich.edu">johns10t@cmich.edu</a>>; <a href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</a><br>Subject: Re: [cisco-voip] [External] Jabber Users Prompted To Accept Webex Cert<br><br>CAUTION: This email originated from outside of the University of Guelph. Do not click links or open attachments unless you recognize the sender and know the content is safe. If in doubt, forward suspicious emails to <a href="mailto:IThelp@uoguelph.ca">IThelp@uoguelph.ca</a><br><br><br>Yeah, I had a suspicion at one point that this might be to do with the telemetry (which we’re sending), but the only reference I can find to the servers used for this is in the "Feature Configuration for Cisco Jabber 12.8†doc where it states that clients connect to "metrics-a.wbx2.com†(also mentioning that you must install a GoDaddy root cert).<br><br>We’ve been sending telemetry for some time and have not had this problem before, and the cert the client is erroring on is idbroker.webex.com (with the IdenTrust root).<br><br>Fwiw, metrics-a.wbx2.com is a cname for ha-a-main.wbx2.com, which in turn is a cname for achm-main-ha-a-nlb-1d0e22049c746ef1.elb.us-east-2.amazonaws.com<br><br>metrics-a.wbx2.com *does* have a GoDaddy root cert, and a wildcard server cert.<br><br>What a mess!<br><br>That bug also says:<br><br>"b) Disable the telemetry call to Webex in the jabber-config xmlâ€<br><br>…but then goes on to say:<br><br>"This error/popup is not related to Telemetry. Even if you disable Telemetry on Jabber certificate pop up will continue to show.â€<br><br>¯\_(ツ)_/¯ <br><br>Gary<br><br>> On 11 Nov 2021, at 22:57, Brian V <<a href="mailto:bvanbens@gmail.com">bvanbens@gmail.com</a>> wrote:<br>> <br>> Part of the workaround referenced in the Bug doesn't make sense. They reference adding some GoDaddy certs, but when you look at the URL they reference (*.wbx2.com) that is signed by Hydrant not Go Daddy.<br><br>_______________________________________________<br>cisco-voip mailing list<br><a href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</a><br><a href="https://puck.nether.net/mailman/listinfo/cisco-voip">https://puck.nether.net/mailman/listinfo/cisco-voip</a><br>_______________________________________________<br>cisco-voip mailing list<br><a href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</a><br><a href="https://puck.nether.net/mailman/listinfo/cisco-voip">https://puck.nether.net/mailman/listinfo/cisco-voip</a><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri",sans-serif'>_______________________________________________<br>cisco-voip mailing list<br><a href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</a><br><a href="https://puck.nether.net/mailman/listinfo/cisco-voip">https://puck.nether.net/mailman/listinfo/cisco-voip</a></span><span lang=EN-US><o:p></o:p></span></p></div></blockquote></div></div></blockquote></div></div></body></html>