Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2466
Views
5
Helpful
5
Replies

CMS Conference Bridge not registered

SahilKhan8824
Level 1
Level 1

‎08-27-2019 10:12 AM

Dear ,

 

i have 2x CMS Servers and a Call Manager version 12.0 and i am trying to register CMS as a conferencing bridge in call manager but its not registering .I have done the following .Appreciate if you can suggest any troubleshooting step in fix the issue.

 

CMS :

1. Generated PKI self-sign certificate in CMS 

2. Configured callbridge & webadmin in CMS using the self-sign certificate 

 

 

Call Manager :

1. Uploaded self-sign certificate in both tomcat-trust & Callmanager-trust and restarted tomcat & callmanager

2. configured SIP Trunk security profile and assign CMS ip address under x.509 subject name.

3. configured SIP Trunk 

4. configured conference bridge with CMS ip address , username, password, 445 port under HTTP Info field.

 

 

 

1 person had this problem
Labels:
0 Helpful
5 Replies 5

Jaime Valencia
Cisco Employee
Cisco Employee

‎08-27-2019 11:12 AM

Unless they have changed the way they create the self signed certificates (have yet to upgrade my lab CMSs), those do not contain any actual info from what you configured (IP/hostname/etc), but vanilla values, so, the IP that you're using on your security profile is not on the certificate as a CN or SAN and thus it cannot be authenticated.

Take a look at your certs, and if that is still the case, get CA signed certificates and that should fix the issue.

HTH

java

if this helps, please rate

SahilKhan8824
Level 1
Level 1
In response to Jaime Valencia

‎08-27-2019 11:32 AM

Thank you for quick response Mr.Jaime.

 

With regards to CA Signed certificates, i have following concerns 

 

1. Should CMS CSR certificates must use client-server template while generating CER certificates? does it work if the certificates generated using web server template ?

2. what all certificates do i need to upload in tomcat-trust & callmanager-trust ? 

 

Thanks

SK

0 Helpful

Jaime Valencia
Cisco Employee
Cisco Employee
In response to SahilKhan8824

‎08-27-2019 12:06 PM

Depends on what certificate you're talking about, refer to the CMS certificate guidelines doc before any further discussion.

HTH

java

if this helps, please rate
0 Helpful

SahilKhan8824
Level 1
Level 1
In response to Jaime Valencia

‎08-27-2019 12:35 PM

I have generated below certificates and it will be signed by internal CA server. So kindly suggest what certificates do i need to upload to tomcat-trust & callmanager-trust because it is clear to me from the document.

 

cms1>pki csr certs CN:cms1.example.com subjectAltName:webbridge.example.com,callbridge.example.com,webadmin.example.com

 

 

thanks

0 Helpful

JeremyL
Level 1
Level 1
In response to SahilKhan8824

‎08-28-2019 10:34 AM

As long as the CMS CallBridge and CallManager certs were both signed by the same CA, you just need to upload the root CA chain (and intermediate root certs, if any) as CallManager-Trust certs.  

0 Helpful
Customers Also Viewed These Support Documents