Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
922
Views
5
Helpful
3
Replies

Secondary tomcat certificate not updating

Go to solution
PatWruk
Level 1
Level 1

‎08-25-2021 08:11 AM

We have 2 UCCX servers that the tomcat certs will expire in a month and are working on replacing them. We uploaded the cert to the primary server then rebooted the Cisco Tomcat and Cisco Finesse Tomcat services, the secondary server was still using the old cert. We rebooted the primary server, waited for it to come back up then rebooted the secondary. The secondary still has the old cert. When we replaced the certs on all of the other servers (CUCM, UCXN, CIMP) it properly propagated from the primary to the secondary and have no idea why it isn't working on UCCX. We are using a Multi-server(SAN) cert from GoDaddy so it should cover both

Any ideas how to fix this?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Elliot Dierksen
VIP
VIP

‎08-25-2021 08:54 AM

It depends on the version of CCX, but you have to generate the CSR as a multi-server SAN where the request is created in OS Administration. If you didn't do that, you will have to generate a new multi-server CSR and get the certificate re-issued.

View solution in original post

3 Replies 3

Go to solution
Elliot Dierksen
VIP
VIP

‎08-25-2021 08:54 AM

It depends on the version of CCX, but you have to generate the CSR as a multi-server SAN where the request is created in OS Administration. If you didn't do that, you will have to generate a new multi-server CSR and get the certificate re-issued.

Go to solution
PatWruk
Level 1
Level 1
In response to Elliot Dierksen

‎08-25-2021 10:51 AM

That looks like it should be it, it looks like our CSR was done wrong. Thanks for the help!

0 Helpful

Go to solution
deepshikha2112
Level 1
Level 1

‎08-25-2021 11:38 AM

Just make sure that while generating CSR for UCCX/Tomcat - under Multi-SAN, SANs (Subject Alternate Names) should have both - UCCX FQDNs - primary and secondary - included.

I hope this helps!!!

0 Helpful
Customers Also Viewed These Support Documents