09-10-2014 03:45 AM - edited 03-18-2019 03:23 AM
Hi,
I have followed this document to deploy a CUCM with Conductor/Telepresence server integration.
I have :
- CUCM v 10.5 (virtual)
- Conductor XC2.3 (virtual)
- Telepresence server v 4.0 on Multiparty Media 310
The doc says that Conductor can use Encrypted SIP (TLS) port 5061 and HTTPS port 443 but is it a prerequisite or not ?
I have configured everything with HTTP 80 and SIP (TCP+UDP) 5060 but I have this error message in the call history of Conductor when I try to do an ad-hoc conference :
B2BUA generated 404 Not Found due to a TLS failure on the Egress
09-12-2014 03:24 AM
Hi There,
I'm doing the same as you but with v10 of CUCM. I don't get the same error but calls are failing when I dial into a Meetme number mapped to a 'Rendezvous' service on Conductor/TPS.
Did you get things working?
Ade
09-16-2014 05:27 AM
According to an answer from Cisco support, TLS is mandatory. You cannot make this work if you don't configure SIP TLS and HTTPS between CUCM, Conductor and the Telepresence server.
I made it work (ad-hoc and rendez-vous) with configuring TLS (following the configuration guide).
09-17-2014 08:28 AM
i've have the same problems.
please can you say, what certificarte downloaded on cucm to install on Conductor?.
09-25-2014 05:54 AM
You have to make the CUCM certificate being signed by a CA.
Under certificate management, click on CSR Request. Choose Call Manager.
Then download CSR, choose Call Manager.
Go to your CA (either private or public) and give it the CSR so that it can be signed.
Upload the certificate to the CUCM.
Do the exact same process for Conductor.
Then you also have to upload the CA certificate to both CUCM (Call Manager trust) and Conductor.
Everything is explained in the "deploying certificates guide" of Conductor.
10-01-2014 09:13 PM
thanks for you information.
but i've a doubt when the CA signed my CSR. i'm obtain my cucm CA signed.
first need upload CA root certificate on cucm (call manager trust) and then upload the new certificate CA for cucm on (call manager)
that's correct?
10-02-2014 01:49 AM
Yes, first the CA certificate, then the CUCM certificate.
When you upload the CUCM certificate, you also have to indicate the name of the "root" certificate, the CN name of the CA certificate.
You can also not use any CA. Just upload the Conductor certificate (which is by default self-signed by a temporary CA, hence it is this default temporary CA that you would upload, not the Conductor certificate itself) on the CUCM and vice versa, upload the CUCM certificate (self-signed by default) to Conductor.
This is what I did lastly and it works fine. This is easier as you don't need any CA involved. OK for a lab, not for a production environnement.
03-02-2015 11:39 AM
Can you explain more this step please ?
Just upload the Conductor certificate (which is by default self-signed by a temporary CA, hence it is this default temporary CA that you would upload, not the Conductor certificate itself) on the CUCM - In this step i take the certificate (sign) of the CUCM or CA ? I put in Trusted CA Certificate or in Server Certificate?
and vice versa, upload the CUCM certificate (self-signed by default) to Conductor. - Where in CUCM os administrator page ?
03-02-2015 12:04 PM
How can i export the "default" temporary CA from Conductor?
03-02-2015 01:42 PM
Does the UCM cluster need to be configured for mixed-mode for this to work?
03-03-2015 01:54 AM
No.
08-13-2015 03:19 PM
Hi Matthieu
This is not 100% correct.
TLS is required between vTS and the Conductor. You can use TCP and HTTP between the Conductor and CUCM.
11-17-2015 12:34 PM
Hello Matthieu !
Do we need to upload certificate in TPS to make TLS communicate between
conductor ?
KV
11-17-2015 01:54 PM
No need to upload certificate in Telepresence Server. You will need the encryption key to be able to use TLS for encrypted communication (mandatory) between Telepresence Server and Conductor.
For Telepresence Server version 4.1(2.33) or earlier, encryption key is required. Beginning with version 4.2, it is no longer required.
regards,
Acevirgil
11-17-2015 02:01 PM
Thanks ; By the way cucm can communicate without certificate ..Right ?by using HTTP?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide