Preview Tool

Cisco Bug: CSCvv68075 - DRF Restore fails when using FIPS and CA signed IPSec certificates.

Last Modified

Sep 16, 2020

Products (1)

  • Cisco Unified Communications Manager (CallManager)

Known Affected Releases


Description (partial)

Cannot perform a restore  if FIPS  is enabled and  IPSEC policy is enabled  with CA signed certificates. (IPSec, Tomcat, CCM)

Errors observed in the logs: 

ERROR [NetServerWorker-] - IOException caught: Socket closed

Error, intra-cluster communication is broken, unable to connect to..

 ERROR [NetServerClient-pub] - NetworkServerClient::Send failure Certificate not verified.
Caused by: com.rsa.sslj.x.aK: Certificate not verified.
Caused by: the certificate chain is not trusted, Could not validate path.

INFO [drfLocalRegMonitorThread] - drfLocalWorker.isLAConnected(): Unable to contact server. Master or Local Agent could be down

Cluster is in FIPS mode and IPSEC policies are configured between the nodes.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.