Guest

Preview Tool

Cisco Bug: CSCvs85380 - UCCX: Duplicate certificates in DB causes periodic Openfire reset, connections lost in Finesse

Last Modified

Oct 07, 2020

Products (1)

  • Cisco Unified Contact Center Express

Known Affected Releases

12.0(1)

Description (partial)

Symptom:
In UCCX 12, duplicate certificate in UCCX will cause certificate change notification service to periodically overwrite and update the certificate in the file system. This then causes Notification Service to detect the file system change and reload, dropping all Finesse connections:

2020.01.09 11:21:04 A file system change was detected. A(nother) certificate store that is backed by file '/usr/local/platform/.security/tomcat/trust-certs/tomcat-trust.keystore' will be reloaded.
2020.01.09 11:21:04 Reconfigured.
2020.01.09 11:21:04 Reconfigured.
2020.01.09 11:21:04 Reconfigured.
2020.01.09 11:21:04 Reconfigured.

Conditions:
This behavior occurs when there are duplicate certificates in the certificate database with the same Common Name. For example, there may be one older certificate with a CN that is all upper case, and another certificate with a CN that is all lower case. This is more likely to occur for systems that are upgraded from pre-12.0 versions.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.