Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
742
Views
1
Helpful
5
Replies

Finesse / UCCX certificate is not valid on sandbox

Go to solution
s-vangor
Level 1
Level 1

‎05-30-2024 01:57 AM

Hello,
I use Unified Contact Center Express 12.5 in DevNet. Our application is not able get any API details because certificate is not valid from March 2022. I can put exception to browser and check details but not in application.

Could be certificate reneved ? Sandbox Finesse is not usable for integration then.

Thanks!

BR
Slavo 

Preview file
83 KB
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
dstaudt
Cisco Employee
Cisco Employee
In response to bigevilbeard

‎05-30-2024 09:32 AM

I'll see if I can put in a ticket to get those updated.
As you have admin credentials, it is possible for you to update the certs on the sandbox hosts yourself: https://community.cisco.com/t5/collaboration-knowledge-base/cisco-uc-certificates-renewal-guide/ta-p/4077131
(Though this would need to be done each time the sandbox is reserved until the sandbox guys complete the update...)

View solution in original post

Go to solution
s-vangor
Level 1
Level 1
In response to dstaudt

‎06-05-2024 03:24 AM - edited ‎06-05-2024 03:26 AM

Hi, it would be great if you or somebody else could open ticket.

Thank you for link, this is usable as teporary solution and it is quite easy to set.

I will write steps for other:
- Open Cisco Inified OS Administration > Security > Certificate Management > Find  https://hq-uccx.abc.inc/cmplatform/certificateFindList.do
- Chose Tomcat cert which is expired and regenerate it byt Regenerte button
- Then I restarted services with CLI commands

utils service restart Cisco Tomcat
utils service restart Cisco Finesse Tomcat

Pages like "cmplatform " or "appadmin" used new certificate after restart but Finesse Desktop or API still used old one. I used CLI command to restar system and this did the job and new certificate is in use.

 

utils system restart

 

Simple API test over https://hq-uccx.abc.inc:8445/finesse/api/SystemInfo which don't require authentication.
There are additional steps needed because certificate is just self-signed and still not trusted for browser or application, but this is different topic. 

Thank you for your help.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
bigevilbeard
VIP
VIP

‎05-30-2024 04:13 AM

@s-vangor not sure if this can be resolved this way, but i see the same for the SD-WAN/Catalyst Center SBX. In my code, i add to my code.

# disable warnings from SSL/TLS certificates
requests.packages.urllib3.disable_warnings()

 

Please mark this as helpful or solution accepted to help others
Connect with me https://bigevilbeard.github.io
0 Helpful

Go to solution
s-vangor
Level 1
Level 1
In response to bigevilbeard

‎05-30-2024 04:31 AM

Hi, thank you for reply and hint but this is no solution for me.
All should be secured and trusted this days and we need to pass also few security tests.  Certificates are expired over two years and I don't think it is so hard to update them once per two years

My next steps is test app with secure XMPP ...I guess I know what to expect

0 Helpful

Go to solution
bigevilbeard
VIP
VIP
In response to s-vangor

‎05-30-2024 05:57 AM

Understand, i do not know the answer, but as this is sandbox something will not be 100% like you run in production. 

Please mark this as helpful or solution accepted to help others
Connect with me https://bigevilbeard.github.io
0 Helpful

Go to solution
dstaudt
Cisco Employee
Cisco Employee
In response to bigevilbeard

‎05-30-2024 09:32 AM

I'll see if I can put in a ticket to get those updated.
As you have admin credentials, it is possible for you to update the certs on the sandbox hosts yourself: https://community.cisco.com/t5/collaboration-knowledge-base/cisco-uc-certificates-renewal-guide/ta-p/4077131
(Though this would need to be done each time the sandbox is reserved until the sandbox guys complete the update...)

Go to solution
s-vangor
Level 1
Level 1
In response to dstaudt

‎06-05-2024 03:24 AM - edited ‎06-05-2024 03:26 AM

Hi, it would be great if you or somebody else could open ticket.

Thank you for link, this is usable as teporary solution and it is quite easy to set.

I will write steps for other:
- Open Cisco Inified OS Administration > Security > Certificate Management > Find  https://hq-uccx.abc.inc/cmplatform/certificateFindList.do
- Chose Tomcat cert which is expired and regenerate it byt Regenerte button
- Then I restarted services with CLI commands

utils service restart Cisco Tomcat
utils service restart Cisco Finesse Tomcat

Pages like "cmplatform " or "appadmin" used new certificate after restart but Finesse Desktop or API still used old one. I used CLI command to restar system and this did the job and new certificate is in use.

 

utils system restart

 

Simple API test over https://hq-uccx.abc.inc:8445/finesse/api/SystemInfo which don't require authentication.
There are additional steps needed because certificate is just self-signed and still not trusted for browser or application, but this is different topic. 

Thank you for your help.

0 Helpful
Customers Also Viewed These Support Documents