Can't login with Finesse after changing CUCM SSL certificate

HusseinLTD · ‎12-16-2022

Hi,

we were using self-sign certificates for all of our collaboration apps, and now changed to multi-SAN certificates.

we changed CUCM & CCX certificates, after that we faced issue with Finesse login.

Jabber is working fine, also CCX reporting can login perfectly fine.

but when we try to login to with Finesse we get "Authentication failed".

also noticed in CCX when I go to "data sync" and check, I get the following error:

"An unknown error occurred while performing the operation. Please check the logs for more details.Cisco AXL Web Service is down on Cisco Unified CM. Please check whether the service is"

generating self-sign certificate for CUCM fixed the issue, but we need to use Multi-SAN certificate.

we have:

CUCM 12.5.1.10000-22

CCX 12.0.1.10000-24

any idea?

Roger Kallberg · ‎12-16-2022

Have you uploaded the certificate of the CA and any intermediate that signed the certificate into the tomcat trust store on CM and CCX?

As an example see this from one of our CCX systems.

HusseinLTD · ‎12-18-2022

I did that, but it didn't help, I think I'm hitting this bug #CSCvd56174, I have the exact problem and errors but different version.

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvd56174

Roger Kallberg · ‎12-18-2022

That sounds like a thing that could be handled by having the CA sign the certificate with the appropriate extension.

Roger Kallberg · ‎12-16-2022

Apart from that it seems like you might be post this as a duplicate post. https://community.cisco.com/t5/contact-center/can-t-login-with-finesse-after-changing-cucm-ssl-certificate/m-p/4740491#M125778