cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

3657
Views
5
Helpful
1
Replies
Highlighted
Beginner

Certificate error on Call Manager 7.1.2

We recently upgraded from 7.0.1 to 7.1.2. After enabling alerts we started getting this message once an hour. What is the best way to resolve this issue?

At Wed Sep 12 18:00:31 CDT 2012 on node 192.168.101.10, the following SyslogSeverityMatchFound events generated:

SeverityMatch - Emergency : 258: Sep 12 23:00:00.218 UTC :

%CCM_UNKNOWN-CERT-0-CertExpiryEmergency:

Certificate Expiry EMERGENCY_ALARM Message:Certificate expiration Notification.

Certificate name:CAPF Unit:CAPF

Type:own-cert

Expiration:Mon Jul 23 17:14:08:000 CDT 2012 / App ID:Cisco Certificate Monitor

Cluster ID: Node ID:OLFCCM01 SeverityMatch - Emergency :

259: Sep 12 23:00:00.218 UTC : %CCM_UNKNOWN-CERT-0-CertExpiryEmergency:

Certificate Expiry EMERGENCY_ALARM Message:Certificate expiration Notification.

Certificate name:CAPF-e300286f

Unit:CallManager-trust Type:trust-cert Expiration:Mon Jul 23

App ID:Cisco Certificate Monitor

Cluster ID: Node ID:OLFCCM01 SeverityMatch - Emergency :

260: Sep 12 23:00:00.219 UTC : %CCM_UNKNOWN-CERT-0-CertExpiryEmergency: Certificate Expiry EMERGENCY_ALARM Message:Certificate expiration Notification.

Certificate name:CAPF-e300286f Unit:CAPF-trust Type:trust-cert Expiration:Mon Jul 23 17:14:0

App ID:Cisco Certificate Monitor

Cluster ID: Node ID:OLFCCM01

1 REPLY 1
Beginner

Certificate error on Call Manager 7.1.2

Hi,

A few things you can check:

1. If you using CUCM internal or CA signed CAPF certificates.

2. Can you see the CN from capf-trust.pem certificate, does that correspond to the CUCM FQDN?

3. What is the remaining lifetime capf-trust certificate?

If the certificate is about to expire, you can regenrate it from CUCM OS GUI page (if self signed) or have it reissued by the CA (if its signed by external CA). In case of latter, be sure to generate a new CSR.



Akhil Behl
Senior Network Consultant
akbehl@cisco.com

Author of “Securing Cisco IP Telephony Networks”
http://www.ciscopress.com/title/1587142953

Akhil Behl Solutions Architect akbehl@cisco.com Author of “Securing Cisco IP Telephony Networks” http://www.ciscopress.com/title/1587142953
CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards