cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2088
Views
0
Helpful
2
Replies

Duplicate Certificate when uploading Certificate do CUCM 7.1

I was following the steps from:

http://www.cisco.com/en/US/products/sw/voicesw/ps556/products_configuration_example09186a0080b43504.shtml

On the 6th step of "Upload the Certificate to Cisco Unified Communications Manager" section, the "upload file" step, i received the flowing message:

Cannot import certificate. It is a duplicate of pre-existing certificate \XXX-CUCM-PUB.xxxxxxxx.xx.pem\. both have SubjectName: \C=XX,ST=Xxxxxx,L=Xxxxxxxx,O=Xxxxxxxxxxxx Xxxxxxxx xx Xxxxx xx Xxxxxx,OU=Xxxxxxxx,CN=XXX-CUCM-PUB.xxxxxxxx.xx\. This certificate exists in tomcat-trust.

I tried to use a different description, but the error message persisted.

Any suggestion?

1 Accepted Solution

Accepted Solutions

jmoneste
Cisco Employee
Cisco Employee

Hello Douglas,

This error appears when the signed certificate was uploaded already. Even if you are changing the description the server uses the SubjectName to check whether the certificate exists or not.

To reupload try this:

  • Generate CSR
  •  Download CSR
  •  Get signed certificate for that CSR
  •  Upload immediate CA certificate (who signed CSR) to trust store.
    E.g. tomcat-trust. Don't mention anything in Root Certificate field.
  •  Upload signed certificate to unit. 
    E.g tomcat.  Mention Root Certificate = name of Immediate CA certificate with .pem extn
  •  Upload should be successful.

Please note that existing CSR gets deleted once signed certificate is uploaded. The same signed certificate cannot be uploaded again.

View solution in original post

2 Replies 2

jmoneste
Cisco Employee
Cisco Employee

Hello Douglas,

This error appears when the signed certificate was uploaded already. Even if you are changing the description the server uses the SubjectName to check whether the certificate exists or not.

To reupload try this:

  • Generate CSR
  •  Download CSR
  •  Get signed certificate for that CSR
  •  Upload immediate CA certificate (who signed CSR) to trust store.
    E.g. tomcat-trust. Don't mention anything in Root Certificate field.
  •  Upload signed certificate to unit. 
    E.g tomcat.  Mention Root Certificate = name of Immediate CA certificate with .pem extn
  •  Upload should be successful.

Please note that existing CSR gets deleted once signed certificate is uploaded. The same signed certificate cannot be uploaded again.

Thanks for your answer!

I was been a little stupid, I forgot to delete the previous certificate.

So tomcat-trust part of the problem was solved.

My problem now is arround the tomcat certificate.

But I will search before ask...

Thank you!