Preview Tool

Cisco Bug: CSCvs73592 - [Doc] SIP OAuth Mode for MRA - Tomcat trust used for 5091 MRA port

Last Modified

Jan 21, 2020

Products (1)

  • Cisco Unified Communications Manager (CallManager)

Known Affected Releases


Description (partial)

SIP OAuth Mode for MRA feature configuration guide should mention that the "tomcat" certificate and the "tomcat-trust" store is being used for "SIP Mobile and Remote Access OAuth Port" which by default equals to 5091. 

5091 port is used for SIP OAuth mode over MRA. CallManager process listens on this port. mTLS is used, UCM sends it Tomcat certificate which must be verified by EXP-C, and EXP-C certificate is verified  on UCM against the Tomcat-trust store. 

SIP OAuth Mode for UCM 12.5.1 & 12.5.1 SU1

The customer needs to do extra steps to upload the Exp-C certificate into tomcat-trust of CUCM in case of:
-EXP-C and UCM Tomcat certificate are not signed by the same CA certificate
-UCM Tomcat certificate is not CA signed at all

UCM 12.5.1 and 12.5.1su1 with SIP OAuth mode configuration over MRA
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.