Cisco Bug: CSCvt40395 - enhancement: Gray out options on SAML SSO CUCM page based on Tomcat Certificates Uploaded
Apr 03, 2020
- Cisco Unified Communications Manager (CallManager)
Known Affected Releases
Symptom: Under System > SAML Single Sign-On > CUCM GUI gives 2 options a. SSO Mode (further with 2 sub-options) Cluster wide (One metadata file per cluster) Per node (One metadata file per node) b. Certificate (further with 2 sub-options) Use system generated self-signed certificate Use Tomcat certificate In some situations Customers tend to select incorrect combinations of the above which leads to wrong configuration of SSO on CUCM and eventually have to re-do it. eg. A deployment where Cluster has individual Tomcat (not Multi-SAN) CA signed certificates for each node, when they select the following combination - Cluster wide (One metadata file per cluster)/Use system generated self-signed certificate, SSO configuration still goes through but the combination is essentially wrong. I propose that the Certificate and SSO mode options are only enabled (or grayed out) based on the Tomcat certificate uploaded to the CUCM cluster so that the Customer can only select the right options. Conditions: When enabling SAML SSO from CUCM for the cluster.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases