cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2001
Views
5
Helpful
5
Replies

CMS Conference Bridge not registered

SahilKhan8824
Level 1
Level 1

Dear ,

 

i have 2x CMS Servers and a Call Manager version 12.0 and i am trying to register CMS as a conferencing bridge in call manager but its not registering .I have done the following .Appreciate if you can suggest any troubleshooting step in fix the issue.

 

CMS :

1. Generated PKI self-sign certificate in CMS 

2. Configured callbridge & webadmin in CMS using the self-sign certificate 

 

 

Call Manager :

1. Uploaded self-sign certificate in both tomcat-trust & Callmanager-trust and restarted tomcat & callmanager

2. configured SIP Trunk security profile and assign CMS ip address under x.509 subject name.

3. configured SIP Trunk 

4. configured conference bridge with CMS ip address , username, password, 445 port under HTTP Info field.

 

 

 

5 Replies 5

Jaime Valencia
Cisco Employee
Cisco Employee

Unless they have changed the way they create the self signed certificates (have yet to upgrade my lab CMSs), those do not contain any actual info from what you configured (IP/hostname/etc), but vanilla values, so, the IP that you're using on your security profile is not on the certificate as a CN or SAN and thus it cannot be authenticated.

Take a look at your certs, and if that is still the case, get CA signed certificates and that should fix the issue.

HTH

java

if this helps, please rate

Thank you for quick response Mr.Jaime.

 

With regards to CA Signed certificates, i have following concerns 

 

1. Should CMS CSR certificates must use client-server template while generating CER certificates? does it work if the certificates generated using web server template ?

2. what all certificates do i need to upload in tomcat-trust & callmanager-trust ? 

 

Thanks

SK

Depends on what certificate you're talking about, refer to the CMS certificate guidelines doc before any further discussion.

HTH

java

if this helps, please rate

I have generated below certificates and it will be signed by internal CA server. So kindly suggest what certificates do i need to upload to tomcat-trust & callmanager-trust because it is clear to me from the document.

 

cms1>pki csr certs CN:cms1.example.com subjectAltName:webbridge.example.com,callbridge.example.com,webadmin.example.com

 

 

thanks

As long as the CMS CallBridge and CallManager certs were both signed by the same CA, you just need to upload the root CA chain (and intermediate root certs, if any) as CallManager-Trust certs.  

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: