Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
631
Views
0
Helpful
8
Replies

CUCM 8.6.2 ITL file problem

josef.berkley
Level 1
Level 1

‎04-12-2016 10:06 AM - edited ‎03-17-2019 06:32 AM

On a new cluster (2 nodes), when I do a show itl on both servers, I get the error:

Length of ITL file: 0
The ITL File was last modified on Tue Apr 12 12:36:59 EST 2016

Parse ITL File
----------------

Invalid ITL file. Error skipping past version.
Error parsing the ITL File.

I've tried regenerating CUCM pem, TVS pem and tomcat pem then restarted TVS and TFTP services.

Did this on both servers.

There was no change after this.

Of course the phones aren't getting the ITL file but they do get the CTL file.

This is a new/test cluster so there isn't much I'm not willing to do to fix it, but I'm not sure if I can fix short of completely reinstalling the cluster.

Any help is appreciated.

Labels:
0 Helpful
8 Replies 8

Jaime Valencia
Cisco Employee
Cisco Employee

‎04-12-2016 03:01 PM

By any chance did you not set the prepare cluster for rollback parameter to true??

HTH

java

if this helps, please rate
0 Helpful

josef.berkley
Level 1
Level 1
In response to Jaime Valencia

‎04-13-2016 05:13 AM

I did not set that parameter to true, but I'm not sure that it is needed in my case. The cluster was installed as 8.6.2 and we haven't upgraded/downgraded the cluster at all. We really just installed it and added a few devices.I wanted to encrypt the phones and realized that the phones were registering but not getting an ITL file. When I did the Show itl on the CUCM servers, I saw the error. I think at some point the itl file was OK because a few of the initial phones have an ITL in the trust settings, but if I factory reset those phones, they'll register again, but not get an ITL.

0 Helpful

Ayodeji Okanlawon
VIP Alumni
VIP Alumni
In response to josef.berkley

‎04-13-2016 05:19 AM

Josef,

I found a similar thread that said regenerating only cucm.pem cert did resolve similar issue

https://supportforums.cisco.com/discussion/12868821/safe-regenerate-tvspem-no-trusted-itl

Please rate all useful posts
0 Helpful

josef.berkley
Level 1
Level 1
In response to Ayodeji Okanlawon

‎04-13-2016 05:35 AM

I did see that thread and regenerated the CUCM.pem cert then restarted the TFTP service but there was no change.

After that, I saw another case where it was advised to regenerate the CUCM,TVS cert so I tried that, but still no change.

Thanks.

0 Helpful

Ayodeji Okanlawon
VIP Alumni
VIP Alumni
In response to josef.berkley

‎04-13-2016 05:48 AM

Josef,

In that case you might want to open a TAC case. Please keep us updated on the resolution

Please rate all useful posts
0 Helpful

josef.berkley
Level 1
Level 1
In response to Ayodeji Okanlawon

‎04-13-2016 05:58 AM

Ayodeji,

We are waiting to resolve a issue with our support contract. Hopefully it is done soon. I wanted to see if anyone had suggestions before then.

Thanks again.

Joe

0 Helpful

Manish Gogna
Cisco Employee
Cisco Employee

‎04-13-2016 05:26 AM

One thing that you need to check is that the key size for cert should be less than 4096

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCup54818/?reffering_site=dumpcr

Manish

0 Helpful

josef.berkley
Level 1
Level 1

‎04-20-2016 07:42 AM

Just to close this out and in case it ends up helping anyone else...

The problem was resolved after I used a different version of call manager.

The problem was on CUCM8.6.2.25900-8

The issue is not present when we installed CUCM8.6.2.24900-17

I was setting up a test bed and we downloaded a slightly later ova version than what is running on the production system where everything worked properly. For some reason, the newer version did not work with FIPS like the earlier version.

Thanks for anyone that tried to help.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents