cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
343
Views
15
Helpful
6
Replies

Error message after loading signed certificate in CUCM/Unity version14

filiberto.aguirre
Participant
Participant

Hi ,

When we try to load the certificate ( previously created with Windows server CA) in CUCM 14 an error is displayed "Certificate is valid only between ..begin date -end date of CA cert "

This error is shown when we try to load the certificate en CUCM and Unity 14.

In order to verify is something wrong with CA we signed certificate for expressway E and we could load the certificate without any problem.

In the past we have signed certificates with the same CA for CUCM, Unity , expressway C/E

for CUCM and unity  version 11.5 and never has problems.

anyone knows if there are specific requirements for certificates for CUCM , Unity in version 14.

I attach screenshots of CA cert, unity signed cert and error message as a reference

regards

1 Accepted Solution

Accepted Solutions

Jaime Valencia
Hall of Fame Cisco Employee Hall of Fame Cisco Employee
Hall of Fame Cisco Employee

I've seen that happen when either the CA or the VM to which you're uploading the certificate have a wrong date/time.

Say the CA is hours (or days) ahead from you, the error says today at 10:54:14 is when the validity start, and the server is behind that time and you try this at 8:30 am as per the server, it would show that error because the certificate you're trying to upload is not yet valid.

Take a look at the date/time settings from the server.

HTH

java

if this helps, please rate

View solution in original post

6 Replies 6

Roger Kallberg
VIP Expert VIP Expert
VIP Expert

Have you first uploaded the CA certificate(s), root, and any intermediate if applicable, to the tomcat trust store?



Response Signature


Hi Roger,

Thanks a lot for your follow up.

Regarding your question, answer is Yes.

Previously I loaded CA cert. 

I attach screenshot a s a reference.

As I mention before the problem is only with CUCM, Unity , but with expressway I can load. certificates using same CA.

regards.

regards

Jaime Valencia
Hall of Fame Cisco Employee Hall of Fame Cisco Employee
Hall of Fame Cisco Employee

I've seen that happen when either the CA or the VM to which you're uploading the certificate have a wrong date/time.

Say the CA is hours (or days) ahead from you, the error says today at 10:54:14 is when the validity start, and the server is behind that time and you try this at 8:30 am as per the server, it would show that error because the certificate you're trying to upload is not yet valid.

Take a look at the date/time settings from the server.

HTH

java

if this helps, please rate

I was thinking much the same as @Jaime Valencia 

It may sound dumb, but try uploading the certificate tomorrow. I'd be willing to bet it works.

Maren

Hi Maren,

thanks for your comment, 

regards

 

Hi Jaime,

after reviewing the time on the host I noticed that time zone  was not the correct one.

I change the time zone on the host and create once again the cert  then load signed cert for CM / Unity and works !!.

Thanks for your suggestions

regards

 

 

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: