Guest

Preview Tool

Cisco Bug: CSCvv73885 - Allow certificate upload with a size 4096 and above for trust stores

Last Modified

Oct 19, 2020

Products (1)

  • Cisco Unified Communications Manager (CallManager)

Known Affected Releases

11.5(1.10000.6) 12.5(1.10000.22)

Description (partial)

Symptom:
Allow upload of trust certificate file with a size of 4096 and above to the CUCM trust-stores since trust cert is not part of the phone trust.

Conditions:
When trying to upload -trust Root/Intermediate certificate, the following error is noticed due to the current limit for the server certificates (4096):

The PEM-encoded version of the Certificate with Subject CN=XXXXX exceeds the maximum number of characters allowed(4096). This problem can be caused by a large number of Issuers and or CRL paths. Please inspect the certificate contents and work with your Certificate Authority to reduce the number of characters before attempting to upload the certificate again.

Note: Restriction was introduced to address CSCvg10739 and applies to both PEM and DER certificates but phones use only DER based certs. 

The restriction should not apply for trust certificates since they are not part of the ITL/CTL.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.