Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2866
Views
5
Helpful
5
Replies

UCCX Make Rest Call over HTTPS

ln33147
Level 4
Level 4

‎04-17-2018 01:26 AM - edited ‎03-14-2019 06:06 PM

Dear members,

It's a UCCX Environment Version 11.5

We're trying to make a Rest Call over HTTPS and it's failing with the following error.

"javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: java.security.cert.CertPathBuilderException: Could not build a validated path."

We already generated a CSR and signed it with the customer CAs. We got a root, an intermediate and a signed certificate.

We uploaded the root and the intermediate as trusted and the signed certificate as normal.

Has someone faced a similar issue? is there anything still missing?

Any help is highly appreciated.

Thank you in advance.

 

 

1 person had this problem
Labels:
0 Helpful
5 Replies 5

Graham Old
Level 7
Level 7

‎04-17-2018 12:47 PM

If you are trying to access the CCX api I always use http//127.0.0.1 then it always goes to the active server and its always internal so your administrator ID and password won't go external.

 

If you are trying to access an external server using https from the scripting then loading the root certificate as a trusted certificate to the certificate store and rebooting CCX should work.

 

Graham

0 Helpful

ln33147
Level 4
Level 4
In response to Graham Old

‎04-17-2018 01:15 PM

Hello Graham,

Thank you for taking the time to respond.

What we are trying to do is accessing a third party server over HTTPS from a UCCX script through the "Make Rest Call" step.

We already uploaded the root certificate as a trusted certificate and we did restart the UCCX engine.

Any other suggestions?

Thank you

Lara

0 Helpful

brunonogaki
Level 1
Level 1
In response to ln33147

‎07-22-2019 02:38 PM

Hello,

 

Did you find a solution for that?

 

Thank you,

 

Bruno

0 Helpful

Guillermo_PY
Level 1
Level 1

‎06-30-2021 02:47 PM

Hello Team

I opened a case in TAC and sent me a solution in my case:

 

https://www.cisco.com/c/en/us/support/docs/customer-collaboration/unified-contact-center-express/118855-configure-uccx-00.html

 

Third-Party Applications Accessible from Scripts

If a UCCX script is designed in order to access a secure location on a third-party server (for example, Get URL Document step to an HTTPS URL or a Make Rest Call to an HTTPS REST URL), upload the signed or self-signed certificate chain of the third-party service to the UCCX tomcat-trust keystore. In order to obtain this certificate, access the UCCX OS Administration page and choose Upload Certificate.

The UCCX Engine is configured in order to search the platform Tomcat keystore for third-party certificate chains when presented with these certificates by third-party applications when they access secure locations via script steps.

The entire certificate chain must be uploaded to the platform Tomcat keystore, accessible via the OS Administration page, as the Tomcat keystore contains no root certificates by default.

After you complete these actions, restart the Cisco UCCX Engine

 

The documentation says restart Cisco UCCX Engine, but I reboot my UCCX.

 

After that, my script working fine with make rest call

Elliot Dierksen
VIP
VIP
In response to Guillermo_PY

‎07-01-2021 02:28 PM

I agree on rebooting the box, particularly with CCX. I have been bit more than a few times but some other dependent service not being restarted.

0 Helpful
Customers Also Viewed These Support Documents