Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
15912
Views
0
Helpful
17
Replies

Creating SIP TLS trunk between CUCM and VCS Using CA-signed-certificate

Zawlatt123
Beginner
Beginner

‎10-10-2012 05:12 PM - edited ‎03-17-2019 11:56 PM

I am having a problem where SIP TLS negotiation is failing for the trunk between CUCM 9 and VCS 7.2. Following are the steps followed from the Cisco TLS trunk creation guide.

- CSR generated from VCS and uploaded it to the Microsoft Certificate Sever.

- then upload the certificate and CA certificate to the VCS

- then download the sever certificate from the VCS and upload it to the CUCM

However, the TLS negotiation is failing and in the CUCM log, it's complaining an error message "unsupported certificate type for purpose"

anybody has experienced this issue?

Note: if self-signed certificate is used, tls trunk is established.

4 people had this problem
Labels:
0 Helpful
17 Replies 17

Alok Jaiswal
Cisco Employee
Cisco Employee

‎10-10-2012 09:28 PM

Hi Zlatt,

Does the CUCM has the root CA installed on it as well ? if not, can you try to do that.

Rgds,

Alok

0 Helpful