Cisco Bug: CSCur85534 - SIP Trunk shows status 'Full Service' when X.509 Subject Name is invalid
Jul 24, 2017
- Cisco Unified Communications Manager (CallManager)
Known Affected Releases
Symptom: SIP Trunks with TLS enabled show Trunk is In Service, even if the X.509 subject name do not match the SIP Trunk security profile. Calls made to this trunk do indeed fail with TLS negotiation error but no error is provided regarding the trunk status on the CUCM trunks page. Conditions: Create a secure(encrypted) SIP trunk to a device like Conductor or VCS and in the trunk security profile do not enter the X.509 subject name based on the device certificate. When you create this trunk with OPTIONS ping enabled, it is seen the CUCM shows the status of this trunk to be up/full service.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases