Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6616
Views
5
Helpful
10
Replies

Expressway-C Provisioning server error

Pietro Corti
Level 1
Level 1

‎12-02-2015 11:42 PM - edited ‎03-17-2019 05:42 PM

Hi, I have a problem with Expressway x8.7 and CUCM 10.5.2.

All works fine but (apparently random) i have the error show on image.

The MRA client can't connect.

Reboot the expressway fix the issue ..

Also I found the message :

edgeconfigprovisioning: Level="ERROR" Service="UDSManager" Detail="UDS get version request failed" UDS=10.10.31.212" Reason="[<twisted.python.failure.Failure <class 'OpenSSL.SSL.Error'>>]" UTCTime="2015-12-03 07:20:42,379" 
edgeconfigprovisioning: Level="ERROR" Detail="Certificate chain verify failure" State="None" Error="18: self signed certificate" Depth="0" UTCTime="2015-12-03 07:20:42,378" 

On VCS I have imported the tomcat CUCM self signed certificate.

Previous of CUCM 10.5.2 upgrade there was no preblem.

Thanks a lot

Pietro

3 people had this problem
Labels:
0 Helpful
10 Replies 10

Md Hasan
Cisco Employee
Cisco Employee

‎12-03-2015 03:07 PM

Please check the white list of VCS-C or the firewall port open for TCP 8443 toward cucm pub

For IM&P the port will be TCP 8443, 5222, other ports are needed but these are basics port needed to be opened

0 Helpful

Pietro Corti
Level 1
Level 1
In response to Md Hasan

‎12-03-2015 10:19 PM

All the ports are open, and after reboot expressway-c the UC registration is correct for some time.

0 Helpful

Rajkumar Yadav
Level 4
Level 4
In response to Pietro Corti

‎10-10-2016 09:41 AM

Gents,

Any update as how this error was resolved ?

Regards,

Raaj

0 Helpful

heathrw
Level 4
Level 4

‎12-03-2015 05:06 PM

You mentioned upgrading to 10.5.2 was the the Expressway also upgraded?

Did you try and delete and re-import the certificates?

0 Helpful

Pietro Corti
Level 1
Level 1
In response to heathrw

‎12-03-2015 10:17 PM

I have delete CUCM Tomcat self signed certificates and import the new one from CUCM 10.5.2.

Reboot expressway and all works fine when it restart, but the error still come back after some time(random time).

0 Helpful

heathrw
Level 4
Level 4
In response to Pietro Corti

‎12-03-2015 10:55 PM

Can you downgrade 8.7 the previous release that was working. Since UCM has also been upgraded would be good to know if the issue still occurs when Exp is earlier version.

0 Helpful

Pietro Corti
Level 1
Level 1
In response to heathrw

‎12-03-2015 11:04 PM

The issue is not related ti expressway release but to CUCM from 10.1 to 10.5.2 ( I can't downgrade CUCM).

I just try expressway 8.5.2 and 8.6 with same problem.

Strange thing that after reboot expressway c all works fine for some random time.

0 Helpful

heathrw
Level 4
Level 4
In response to Pietro Corti

‎12-03-2015 11:31 PM

You generated the tomcat MultiSAN cert accross all hosts and restarted tomcat?

I understand this has worked for you in the past but a more supported method would be to have a CA sign all the certifiates (internal or public).

0 Helpful

mneira099
Level 1
Level 1

‎01-07-2016 07:19 AM

Hi Pietro, 

Did you get this issue solved?

I'm having the same problem...

0 Helpful

Pietro Corti
Level 1
Level 1
In response to mneira099

‎01-08-2016 12:38 AM

Hi,

problem fix yesterday.

Please check nslookup on both vcs-c and vcs-e (Maintenance - Tools - Networks utilities - DNS lookup)

On vcs-c the fqdn of vcs-e need to be only on internal interface (not both).

For a mistake of IT team there was a wrong DNS entry that resolve expressway-e fqdn on both internal and external interface.

Pietro

Customers Also Viewed These Support Documents