Guest

Preview Tool

Cisco Bug: CSCun18578 - ITL reset localkey/remotekey fails in certain scenarios

Last Modified

May 14, 2020

Products (1)

  • Cisco Unified Communications Manager (CallManager)

Known Affected Releases

10.0(1.10000.24)

Description (partial)

Symptom:
Running "utils itl reset localkey" or "utils itl reset remotekey" fails with one of the following.

### Error #1
// System > Server, Host Name/IP Address field set to an IP Address and "utils os secure status" set to enforcing.

admin:utils itl reset localkey
Enter CCM Administrator password :

Locating active Tftp servers in the cluster.....

Unable to determin the active and running  TFTP nodes in the cluster 
Ensure that the DB replication is working on all nodes and the correct Password has been entered
Then retry the command

Executed command unsuccessfully


Alternate failure message may appear as follows:
admin:utils itl reset localkey
Enter CCM Administrator password :

Locating active Tftp servers in the cluster.....

Following is the list of Active tftp servers in the cluster

['10.10.1.2', '10.10.1.3']
About to sftp file from Live Tftp server
Error in obtaining ITL file from live TFTP Server 10.10.1.2


### Error #2
// System > Server, Host Name/IP Address field set to an IP address and "utils itl reset localkey" run soon after previously running "utils itl reset localkey"

admin:utils itl reset localkey
Enter CCM Administrator password :

Locating active Tftp servers in the cluster.....

Unable to determin the active and running  TFTP nodes in the cluster 
Ensure that the DB replication is working on all nodes and the correct Password has been entered
Then retry the command

Executed command unsuccessfully

### Error 3
// System > Server values for Host Name/IP Address set to an IP address

admin:utils itl reset remotekey 10.10.1.20 joemar2 /home/joemar2/ITLRecovery.p12
Enter Sftp password :Processing token in else 0 tac
coutn is 1
Processing token in else 0 tac
coutn is 1



Enter CCM Administrator password :

Locating active Tftp servers in the cluster.....

Following is the list of Active tftp servers in the cluster

['10.10.1.2', '10.10.1.3']
About to sftp file from Live Tftp server
Error in obtaining ITL file from live TFTP Server 10.10.1.2


Executed command unsuccessfully
MAC verified OK
MAC verified OK
writing RSA key

### Error 4
// System > Server value for Host Name/IP Address set to an IP Address and "utils itl reset remotekey" is issued soon after previously running "utils itl reset remotekey" 

utils itl reset remotekey 10.10.1.20 joemar2 /home/joemar2/ITLRecovery.p12
Enter Sftp password :Processing token in else 0 tac
coutn is 1
Processing token in else 0 tac
coutn is 1



Enter CCM Administrator password :

Locating active Tftp servers in the cluster.....

Unable to determin the active and running  TFTP nodes in the cluster 
Ensure that the DB replication is working on all nodes and the correct Password has been entered
Then retry the command

Executed command unsuccessfully
MAC verified OK
MAC verified OK
writing RSA key

Conditions:
CUCM 10.0(1)

### Error 1
Cisco Unified CM Administration under System > Server the Host Name/IP Address field contains an IP Address.

### Error 2
Cisco Unified CM Administration under System > Server the Host Name/IP Address field contains an IP Address and  "utils itl reset localkey" run soon after previously running "utils itl reset localkey".

### Error 3
Cisco Unified CM Administration under System > Server the Host Name/IP Address field contains an IP Address.

### Error 4
Cisco Unified CM Administration under System > Server the Host Name/IP Address field contains an IP Address and  "utils itl reset remotekey" run soon after previously running "utils itl reset remotekey".

Related Community Discussions

Unified Communications Manager ITL Enhancements in 10.0(1)
Table of Contents            Purpose            Background            Symptoms            Solution - Bulk ITL Reset                 ITLRecovery using local recovery key                ITLRecovery using remote recovery key                  Verify current signer with "show itl"                Verify ITLRecovery key is being used            Enhancements to Decrease the Likelihood of Phones Losing Trust            Backup the ITL Recovery            Verification            Caveats     Purpose Cisco Unified ...
Latest activity: Jul 04, 2015
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.