Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
906
Views
0
Helpful
7
Replies

VCS and XMPP Federation

Gordon Ross
Level 9
Level 9

‎12-15-2014 05:46 AM - edited ‎03-18-2019 03:47 AM

I've got a VCS-C & VCS-E configured for UC Traversal. As part of this, I've enabled XMPP federation. Attempts to start a chat session with external contacts fail. In the VCS-E logs I see:

XCP_CM2[15061]: Level="1" Subject="cm-2.dev-vcs-e-example-com" Event="Identity Verification failure during either Server Dialback or Certificate Validation" Module="XMPPFederation"

I'm guessing something doesn't like the cm-2.dev-vcs-e-example-com name as it doesn't match the SN or SAN in the certificate for the VCS-E. Firstly, the host is dev-vcs-e.example.com Secondly, I have no idea what "cm-2" is. It's certainly not the name of any host on my system (Either CUCM or IM&P)

Any suggestions or pointers on what to do to fix this?

Thanks,

GTG

Please rate all helpful posts.
1 person had this problem
Labels:
0 Helpful
7 Replies 7

Martin Koch
VIP Alumni
VIP Alumni

‎12-16-2014 01:29 AM

Please always mention which software versions you use.

It this string the exact one you see or did you modify parts of it to show it to us?

Did you check your or the remote certificates and hosts if this is name is configured somewhere?

 

Some docs:

 

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/im_presence/interdomain_federation/10_5_1/CUP0_BK_I07B7052_00_integration-guide-interdomain-federation-105/CUP0_BK_I07B7052_00_integration-guide-interdomain-federation-105_chapter_01010.html

http://www.cisco.com/en/US/docs/telepresence/infrastructure/vcs/config_guide/X8-1/Cisco-VCS-Certificate-Creation-and-Use-Deployment-Guide-X8-1.pdf

http://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/expressway/config_guide/X8-1/Cisco-Expressway-Certificate-Creation-and-Use-Deployment-Guide-X8-1.pdf

 

 

 

Please remember to rate helpful responses and identify

0 Helpful

Gordon Ross
Level 9
Level 9
In response to Martin Koch

‎12-16-2014 07:49 AM

Please always mention which software versions you use.

Sorry, it's VCS V8.2.2

It this string the exact one you see or did you modify parts of it to show it to us?

I just changed the domain name to example.com.

Did you check your or the remote certificates and hosts if this is name is configured somewhere?

I didn't check the remote certificate. I couldn't see the point as most of the SAN was my domain. I haven't seen anywhere in CUPSAdmin where the name cm-2 is set (Hence my post!)

 

GTG

Please rate all helpful posts.
0 Helpful

Martin Koch
VIP Alumni
VIP Alumni
In response to Gordon Ross

‎12-16-2014 09:12 AM

At least cm-2 sounds like communications manager 2 to me ;-)

Please remember to rate helpful responses and identify

0 Helpful

Gordon Ross
Level 9
Level 9
In response to Martin Koch

‎12-16-2014 12:11 PM

Pity one of the servers is actually called cucmdev-2 ;-)

 

GTG

Please rate all helpful posts.
0 Helpful

mathewlouis
Level 4
Level 4
In response to Gordon Ross

‎10-09-2015 01:06 PM

Any luck with this Gordon?

0 Helpful

Ayodeji Okanlawon
VIP Alumni
VIP Alumni
In response to mathewlouis

‎10-10-2015 10:47 AM

Mathew.

This error points to a DNS problem on the receiving side. You should have them check that they can resolve your federation domain

Please rate all useful posts
0 Helpful

Gordon Ross
Level 9
Level 9
In response to mathewlouis

‎10-15-2015 05:48 AM

I'm struggling to remember the details. Either the VCS cert was missing a SAN, or there was an error in my SRV records.

 

Sorry,

 

GTG

Please rate all helpful posts.
0 Helpful
Customers Also Viewed These Support Documents