Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
758
Views
0
Helpful
6
Replies

CME SCCP phone encryption - phones not registering

felipecarneiro
Beginner
Beginner

‎04-30-2016 09:07 PM - edited ‎03-17-2019 06:46 AM

Hello, I'm trying to configure phone encryption on CME 8.6 but the phones do not get registered.

I've tried the following guides, both without success:

http://www.firewall.cx/cisco-technical-knowledgebase/cisco-voice/956-cisco-voice-cme-secure-voip.html

https://www.nsa.gov/ia/_files/voip/cucme_securityguidancedocument.pdf

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucme/admin/configuration/guide/cmeadm/cmeauth.html

On the 7965/7962 phones Settings >> Security Configuration >> Trust List CTL File is installed (including TFTP Server , Unified CM and CAPF Server certificates), but ITL File is Not Installed.

The phone remains Registering while debug ephone register shows these errors:

May 1 03:52:14.015: New Skinny socket accepted [2] from 1, sub 1 (1 active)
May 1 03:52:14.015: sin_family 2, sin_port 50484, in_addr 10.0.0.11
May 1 03:52:14.019: add_skinny_secure_socket: pid =394, new_sock=0, ip address = 10.0.0.11
May 1 03:52:14.019: skinny_secure_handshake: pid =394, sock=0, args->pid=394, ip address = 10.0.0.11
May 1 03:52:14.023: Start TLS Handshake 0 10.0.0.11 50484
May 1 03:52:14.027: TLS Handshake retcode OPSSLReadWouldBlockErr
May 1 03:52:15.027: TLS Handshake retcode OPSSLReadWouldBlockErr
May 1 03:52:16.027: TLS Handshake retcode OPSSLReadWouldBlockErr
May 1 03:52:17.035: TLS Handshake error -6992 
May 1 03:52:17.035: TLS context configuration FAILED for 0 10.10.10.11 5048
Labels:
0 Helpful
6 Replies 6

dmitrinik
Beginner
Beginner

‎09-18-2016 12:20 AM

Hello. Have you found a workaround for this issue?

Thank you.