SSL Error from CUCM

alexandersatria_Zlf — Wed, 12 Aug 2015 06:10:03 GMT

We are writing to ask about how to solve the problem that we encounter when we are trying to develop the sample of Cisco API application.

We have tried to run the sample of Cisco API sample application from the DevNet form.

Here is the link of the sample that we've tried and followed:

https://developer.cisco.com/site/extension-mobility/learn/sample-apps/index.gsp

package asd;

import java.io.*;

import java.net.*;

import javax.net.ssl.*;

import java.security.*;

import java.security.cert.X509Certificate;

import java.net.URLEncoder;

import javax.xml.ws.Service;

import javax.net.ssl.TrustManagerFactory;

public class asdf {

public static void main(String[] args) throws Exception {

//EM API service URL on Unified CM host host.com

//Note this sample assumes the certificate for the host with subject

//name 'cucm-host.com' has been imported into the Java keystore

//To test with insecure connection use the URL as http://cucm-host.com:8080/emservice/EMServiceServlet

URL url = new URL("https://192.168.10.11:8443/emservice/EMServiceServlet");

//Create a java.net URLConnection object to make the HTTP request

URLConnection conn = url.openConnection();

//setDoOutput=true causes the URLConnection to perform a POST operation

conn.setDoOutput(true);

//The request body will be in HTTP form encoded format

conn.setRequestProperty("Content-Type","application/x-www-form-urlencoded");

//Build a string containing the contents of the E/M API XML request - here 'login'

String EMRequest = "<request><appinfo><appid>operator</appid><appcertificate>operator</appcertificate></appinfo>";

EMRequest += "<login><devicename>SEP000000000001</devicename><userid>user01</userid><deviceprofile>EM-USER01</deviceprofile>";

EMRequest += "<exclusiveduration><time>60</time></exclusiveduration></login></request>";

//URL encode/escape the request

EMRequest = URLEncoder.encode(EMRequest,"UTF-8");

//Build the complete HTTP form request body

EMRequest = "xml="+EMRequest;

//Create an OutputStreamWriter for the URLConnection object and make the request

OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());

writer.write(EMRequest);

writer.flush();

//Read the response

BufferedReader reader = new BufferedReader(new InputStreamReader(conn.getInputStream()));

//Output the response to the console

String line;

while ((line = reader.readLine()) != null) {

System.out.println(line);

}

//Cleanup the stream objects

writer.close();

reader.close();

}

private static void disableSslVerification() {

try

{

// Create a trust manager that does not validate certificate chains

TrustManager[] trustAllCerts = new TrustManager[] {new X509TrustManager() {

public java.security.cert.X509Certificate[] getAcceptedIssuers() {

return null;

}

public void checkClientTrusted(X509Certificate[] certs, String authType) {

}

public void checkServerTrusted(X509Certificate[] certs, String authType) {

}

};

// Install the all-trusting trust manager

SSLContext sc = SSLContext.getInstance("SSL");

sc.init(null, trustAllCerts, new java.security.SecureRandom());

HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

// Create all-trusting host name verifier

HostnameVerifier allHostsValid = new HostnameVerifier() {

public boolean verify(String hostname, SSLSession session) {

return true;

}

};

// Install the all-trusting host verifier

HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);

} catch (NoSuchAlgorithmException e) {

e.printStackTrace();

} catch (KeyManagementException e) {

e.printStackTrace();

}

We have followed the steps, but we can not solve the SSL error:

Exception in thread "main" javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present

at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)

at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1937)

at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)

at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)

at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1478)

at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:212)

at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)

at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)

at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1050)

at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1363)

at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1391)

at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1375)

at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)

at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)

at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1282)

at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1257)

at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250)

at asd.asdf.main(asdf.java:41)

Caused by: java.security.cert.CertificateException: No subject alternative names present

at sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:144)

at sun.security.util.HostnameChecker.match(HostnameChecker.java:93)

at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:455)

at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:436)

at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:200)

at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)

at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1460)

... 13 more

Re: SSL Error from CUCM

dstaudt — Thu, 20 Aug 2015 20:26:41 GMT

This walk-through for another CUCM web services API (AXL) describes the generic steps for importing a certificate into a standard Java framework: Cisco AXL

If your environment is different or you are still not successful with the sample, you may need to look for general HTTPS/certificate support from the greater Java web community.

Re: SSL Error from CUCM

alexandersatria_Zlf — Mon, 24 Aug 2015 06:43:18 GMT

Hi, David

thank you for reply. i solve about certificate issue . But still unsuccessful to do login without errors and showing "Error processing request: null". i already tried

Cisco AXL

but, i have a problem when i did command prompt, there's still error with wsimport is not recognized.

Re: SSL Error from CUCM

dstaudt — Wed, 26 Aug 2015 21:44:14 GMT

On my system (Ubuntu Linux 14.04 64bit) with Oracle Java 1.7 installed and everything set at default, wsimport is located in:

/usr/lib/jvm/java-7-oracle/bin

Note, this is different from the usual Java bin directory, e.g.: /usr/lib/jvm/java-7-oracle/jre/bin/

If wsimport is not in your system path (e.g. using Windows), you may need to add it to the path, or change to your $JAVA_HOME/bin/ directory in order to execute wsimport.

topic Re: SSL Error from CUCM in Management

SSL Error from CUCM

Re: SSL Error from CUCM

Re: SSL Error from CUCM

Re: SSL Error from CUCM