Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
939
Views
0
Helpful
2
Replies

Tomcat-Trust certificate expired; IM&P getting old one

james.buchanan1
Level 1
Level 1

‎06-23-2016 05:36 AM - edited ‎03-19-2019 11:17 AM

On a UCM 10.5 cluster, we have replaced the expired Root CA certificate with a new one. We disabled certificate change notification on all servers in the UCM cluster and the IM&P intercluster sync agent. Then, we deleted the Root CA certificate. After we deleted the Root CA certificate, we started these services again and uploaded a new version of the Root CA certificate.

All the CUCM servers in the cluster received the new Root CA certificate from the CUCM Publisher. However, the IM&P servers received an outdated version of that same certificate.

Is there a defect of some sort in which the old version of the certificate is stored somewhere and is propagated through the Intercluster Sync Agent?

Labels:
0 Helpful
2 Replies 2

brianw2
Cisco Employee
Cisco Employee

‎06-28-2016 12:44 PM

Yes there was a defect regarding what I believe you are experiencing. It is noted in CSCuy13916.

Have you tried deactivating and re-activating the TFTP service on your IM&P servers?

0 Helpful

james.buchanan1
Level 1
Level 1
In response to brianw2

‎06-28-2016 12:44 PM

Yes. Turns out there is an old version of the trust certificate still in the CUCM database even though the cert is gone from the list in Platform Administration. So, I'll call my good friends at TAC to perform some Informix magic.
0 Helpful
Customers Also Viewed These Support Documents