Guest

Preview Tool

Cisco Bug: CSCvt15738 - CUCM presents to Jabber CallManager's certificate instead of Tomcat's due to using 6971 port

Last Modified

Jul 21, 2020

Products (1)

  • Cisco Unified Communications Manager (CallManager)

Known Affected Releases

11.5(1.17900.52) 12.5(1.11900.146)

Description (partial)

Symptom:
Jabber presents warnings about untrusted certificate during login or normal operations. When check what certificate it is complaining about it is CallManager's certificate. As per Cisco docs, only Tomcat and cup-xmpp certificate should be signed by trusted CA in order to avoid certificate warnings on Jabber client. But having CUCM version that has Headset Management feature (11.5 SU7 and higher 12.5) Jabber will be presented by CallManager's certificate as well.

Conditions:
++ Running CUCM version 11.5 SU7 or any version that has Headset Management implemented

++ Jabber having Secure Device Profile applied (CUCM in mixed mode)

++ It causes that following line is added to CSF.cnf.xml (CSF's config file): https://{tftp}:6971/headset/config/user/{userid} - it is forcing 6971 port

++ CUCM always presents CallManager's certificate when accessing it via HTTPS and 6971
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.