Guest

Preview Tool

Cisco Bug: CSCus71112 - Conductor/CUCM secure communication requires VIP address to be SAN

Last Modified

Mar 29, 2017

Products (1)

  • Cisco TelePresence Conductor

Known Affected Releases

XC3.0

Description (partial)

Symptom:
When deploying Conductor with CUCM and adding Conductor as a secure conference bridge, you must point CUCM to the ad-hoc VIP address on Conductor. For Conductor to register successfully over HTTPS with CUCM it is required that the VIP IP address or DNS name be added to the Conductor Server Certificate SAN list. 

This is not mentioned in the documentation and it is assumed the customer would know to do this and can lead to confusion. Should update the Conductor/UCM deployment guide to better clarify this.

Conditions:
Conductor deployed with CUCM as a secure conference bridge resource for ad-hoc calls.

Related Community Discussions

Conductor 3.0 with UCM 10.5 - Cannot get AdHoc registration working/TLS issues
I'm working on a lab setup to prepare for a customer's implementation of Conductor 3.0 with UCM 10.5SU1.  I've got the baseline all in place, but I cannot get the Ad Hoc conference bridge to register with UCM via Conductor, nor can I get the SIP trunk to become reachable.  This all points to a TLS issue, which is reflected in the UCM logs:   SdlSSLTCPListener::verify_cb pre-verified=0,cert verification errno=20,depth=0 00269848.000 |22:41:54.023 |AppInfo  |HandleSSLError - Certificate verification ...
Latest activity: Jan 29, 2015
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.