Buy or Renew
Buy or Renew
Cisco + Splunk: Itā€™s a new day for your data. Learn more.
Ā 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
2287
Views
5
Helpful
3
Replies

Problem with Finesse Agent login after upgrade from 10.6 to 11.5

Mikael Hansson
Level 5
Level 5

ā€Ž06-13-2017 02:48 AM - edited ā€Ž03-14-2019 05:22 PM

After successful upgrade of standalone UCCX from 10.6 to 11.5SU1 our customer got a bunch of browser-related problems with Finesse Agent.

Almost all of the users who was using Internet Explorer got to the Finesse login-page without any input-boxes for the username/password.

They only had the bluish webpage.

After clearing the cookies and web-history in the browser they could log-on to the upgraded system.

Some users had to disable compability mode in their browser, but this is well-documented and something we have informed the users.

But the Finesse Agents that are using Firefox still have some problems. Cookies has been deleted in the browser but many of them are facing login-issues (but only when using Firefox).

After login has been made they are presented with an error box in the middle of the screen.

"Cannot authenticate with the notification service. There may be a configuration mismatch. Please contact your administrator"

The same Finesse-agents can login to Finesse with IE without problems.

When opening the Finesse Agent in Firefox Privacy-tab the user can log on as usual. 

For some Agents the problem disappears after the above workaround, but not for all.

We have changed from a CA-signed SHA1-certificate to a CA-signed SHA256-certificate for the UCCX (Standalone) at the same time.

- What is the recommended procedure to clear the browser from previous Finesse-information when doing an UCCX upgrade ?

I have not yet found any official document regarding this. Is it more than Cookies that needs to be deleted ?

Labels:
0 Helpful
3 Replies 3

Mark Swanson
Level 4
Level 4

ā€Ž06-13-2017 02:40 PM

It sounds like agents need to delete the old SHA-1 certs from the Certificate Manager. IE and Chrome reference the same Cert Manager (i.e. certmgr.msc) whereas Firefox references a browser based Cert Manager; Options > Advanced > Certificates > View Certificates.

After you delete the old certs, make sure the Cert Manager contains the new certs as well as the CA and Intermediate Certs. Then, close and reopen the browser. Good Luck!

 

0 Helpful

Mikael Hansson
Level 5
Level 5
In response to Mark Swanson

ā€Ž06-15-2017 01:47 AM

The Cert Manager in Firefox was one of the problems along with old cookies and temporary files.

For some users it was enough to change the config "security.enterprise_roots.enabled" to true to be able to trust the CA-certificates as these CA-certificates was in the correct Windows trust store.
On most of the others we had to manually add the Intermediate and root certificate to the Firefox trust store.

The problem is solved on each agents Firefox-browser by:
- manually add the new CA-certificates
- clear cookies for the UCCX-server

yavuzsab
Level 1
Level 1
In response to Mark Swanson

ā€Ž09-25-2017 12:04 AM

New instance of 11.5(1)SU1ES1 HA has been installed for my client and notice that IE11 after sometime with Finesse the Live Data for team / queue tab dates Loading.... after deleting cookies page operates again. InPrivate browsing we never had such problem. There seems to be some corruption or timer within IE11 with its cookies received from server and just fail until deleted. Anybody face same issue? And what did you do to resolve from MS IE11 perspective

Thanks
Yav
0 Helpful
Customers Also Viewed These Support Documents