Guest

Preview Tool

Cisco Bug: CSCur29456 - HCM-F Chain Certificate UCSM Sync Failure

Last Modified

Jan 31, 2017

Products (1)

  • Cisco Hosted Collaboration Solution (HCS)

Known Affected Releases

10.1(1)

Description (partial)

Symptom:
UCSM Sync Fails with following errors:

These are the errors on the HCM-F GUI:
 - Failed to connect to "fpb06-fi1-v.fltg.loc". Specific cause is unknown.
 - Check the network address configuration of UCSManager "fpb06-fi1-v.fltg.loc" in Infrastructure Manager. Verify the correct IP address or host/domain name are configured as type SERVICE_PROVIDER_SPACE. Verify network connectivity between HCM-F and the UCSManager.

The below is the snippets from the UCSMSync Logs:
 1 | 2014-10-15 11:38:09.213 | [58] | SdlSig | ConfigChangeNotification | null0 | ucsmsync(1) | ucsmsync(null) | null
2014-10-15 11:38:09,214 INFO  [58] UCSMSyncAgent::null0_ConfigChangeNotification (fpb06-fi1-v.fltg.loc): ========== Entered ==========
2014-10-15 11:38:09,224 INFO  [58] DomainManagerHelper::recalculateModifiableDeletable (fpb06-fi1-v.fltg.loc): Change detected in the autosync enable config...re-evaluating ability to modify/delete items in this domainManager
2014-10-15 11:38:09,225 INFO  [58] DomainManagerHelper::recalculateModifiableDeletable (fpb06-fi1-v.fltg.loc): Setting modifiable/deletable to false for all entities in this domainManager
2014-10-15 11:38:09,320 INFO  [58] UCSMSyncAgent::null0_ConfigChangeNotification/tryConnection (fpb06-fi1-v.fltg.loc): Updating job progress...
2014-10-15 11:38:09,333 INFO  [58] UCSMSyncAgent::null0_ConfigChangeNotification/tryConnection (fpb06-fi1-v.fltg.loc): Attempting SDR connection...
2014-10-15 11:38:09,359 INFO  [58] UCSMSyncAgent::null0_ConfigChangeNotification/tryConnection (fpb06-fi1-v.fltg.loc): SDR connection successful, attempting target domain manager connection...
2014-10-15 11:38:09,373 INFO  [58] UCSMSyncAgent::connectToTarget (fpb06-fi1-v.fltg.loc): starting to connect
2014-10-15 11:38:09,373 INFO  [58] UCSMSyncAgent::connectToTarget (fpb06-fi1-v.fltg.loc): Connecting to UCSM URL: https://10.4.254.4:443/nuova (certRequired=true)
2014-10-15 11:38:09,376 DEBUG [58] UCSMConnection::sendPostRequestAndGetDoc (https://10.4.254.4:443/nuova): UCSM request: |<aaaLogin inName="SVC-HCSHCMF01" inPassword=?***REMOVED***" />|
2014-10-15 11:38:09,602 ERROR [58] UCSMSyncAgent::connectToTarget (fpb06-fi1-v.fltg.loc): Failed to connect to "fpb06-fi1-v.fltg.loc". Specific cause is unknown. : InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
2014-10-15 11:38:09,603 ERROR [58] UCSMSyncAgent::null0_ConfigChangeNotification/tryConnection (fpb06-fi1-v.fltg.loc): Unable to connect to the target entity

Conditions:
When attempting to do a secure sync between HCM-F and UCSM where UCSM has mulitple certificates in a chain instead of just a single self signed certificate it fails.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.