Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1422
Views
10
Helpful
3
Replies

CSCvn63274 - Expressway attempting IP instead of FQDN for CUCM causing Certificate Check Failure

Greg Roberts
Level 1
Level 1

‎12-03-2020 08:12 AM

Appear to have just encountered this in X12.6.  Anyone else had this issue in that release?

2 people had this problem
Labels:
0 Helpful
3 Replies 3

eschroederJH
Level 1
Level 1

‎12-19-2020 06:56 AM - edited ‎12-19-2020 07:15 AM

Had what appeared to be this issue after upgrading from CUCM 11.5.1 SU4 to SU8. Post upgrade, cert validation was failing for UDS, so MRA phones could not authenticate:

 

2020-12-19T09:28:56.482-05:00 edgeconfigprovisioning: Level="ERROR" Service="UDSManager" Detail="UDS get version request failed" UDS="X.X.X.X" Reason="[<twisted.python.failure.Failure OpenSSL.SSL.Error: [('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')]>]" UTCTime="2020-12-19 14:28:56,482"
2020-12-19T09:28:56.480-05:00 edgeconfigprovisioning: Level="ERROR" Detail="Certificate verify failure" Server="X.X.X.X" Reason="Neither common name nor subject alternate name match" CN="Name.domain.tld" SAN="set(list of server FQDNs])" UTCTime="2020-12-19 14:28:56,480"

 

We rebooted EXP-C and that cleared the issue. We did not have to do the workaround listed in the bug report.

Greg Roberts
Level 1
Level 1
In response to eschroederJH

‎04-14-2021 05:49 PM

Good to know.  We just encountered it again in X12.6.4.  Frustrated by all the "workarounds" in this platform versus bugs being fixed by the BU.

0 Helpful

pgendaszewski
Level 1
Level 1

‎04-26-2021 03:11 AM

X12.6.2 with CUCM upgrade from 11.5 to 12.5 - same issue. Cluster restart proposed by TAC "resolved" it.

0 Helpful
Customers Also Viewed These Support Documents