cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
981
Views
0
Helpful
8
Replies
Highlighted
Beginner

Cisco Connectivity Subscriber Publisher

Dear Team,

 

I have a problem recently between Cisco Publisher and Subscriber when I try to reach the subscriber from the serviceability list 

I got below message :

 

Connection to the Server cannot be established(Certificate Exception)

When I try to navigate below in CLI on Publisher I got below:utils dbreplication runtimestate

(-) DB Active-Error

 

Even there is no reachibility between subscriber and publisher eventhough the two are on same network

 

Everyone's tags (3)
8 REPLIES 8
Highlighted

Re: Cisco Connectivity Subscriber Publisher

 . Hi Tanios, 

 

Can you check the DB replication status by issue the command - utils dbreplication status  to get updated data. 

 

you probably need to repair the DB replication first and ensure that you have good DB replication between the nodes if you get the same error again when you run the command utils dbreplication runtimestate.

 

 

meanwhile, check the tomcat certificate expiry - If expired, regenerate the Tomcat certificate and restart the Tomcat service.

 

Regards,

Shalid 

 

 

Highlighted
Beginner

Re: Cisco Connectivity Subscriber Publisher

will this affect the anything running?

Highlighted

Re: Cisco Connectivity Subscriber Publisher

Hi Tanios,

the DB repair doesn't impact anything much. But tomcat service restart will impact where users unable to access the portal until the reboot completed. also, users won't be able to log into the IP phone services (for example EM). but doesn't affect for logged in users.

Regards,
Shalid
Highlighted
Beginner

Re: Cisco Connectivity Subscriber Publisher

Which certificates I should check if expired?

Can you provide with detailed technique to regenerate the certificate?

Will it affect the live environement in any way?

 

 

 

Highlighted
VIP Collaborator

Re: Cisco Connectivity Subscriber Publisher

Shalid mentioned this above:

"Meanwhile, check the Tomcat certificate expiry - If expired, regenerate the Tomcat certificate and restart the Tomcat service."

And here is a link to information on regenerating certificates:

CUCM Certificate Regeneration/Renewal Process

Maren

Highlighted
VIP Collaborator

Re: Cisco Connectivity Subscriber Publisher

Hi there

 

There could be multiple reasons why you are getting this error. Also please check the below link and the associated workarounds. 

 

https://www.cisco.com/c/en/us/support/docs/unified-communications/unified-communications-manager-callmanager/118927-technote-cucm-00.html

 

 

Hope this Helps

Cheers

Rath!

 

***Please rate helpful posts***

Highlighted
Beginner

Re: Cisco Connectivity Subscriber Publisher

how can I bind the hostname to an IP address in CUCM CLI as I can reach from publisher the IM and Presence and Unity but cannot reach the subscriber how can add hostname of subscriber and bind it to the IP of the subscriber

Highlighted
VIP Collaborator

Re: Cisco Connectivity Subscriber Publisher

Hey 

 

Please try out this and let me know

 

Workaround

Log in to each CUCM node separately in order to access Serviceability and Activate/Deactivate services.

Solution

  1. Enter the utils dbreplication runtimestatecommand in order to check for any dbreplication issues in the CUCM cluster.
  2. Restart the Tomcat Service with the utils service restart Cisco Tomcat command.
  3. Check for any Tomcat certificate (tomcat-trust) serial number mismatches on the nodes.
  4. Choose Cisco OS Administration > Security > Certificate Management > tomcat.pem and check whether the Tomcat certificate is expired. If expired, regenerate the Tomcat certificate and restart the Tomcat service.
    • If you use a CA signed certificate, get the Tomcat CSR re-signed by the CA, re-upload it back, and restart the Cisco Tomcat service with the utils service restart Cisco Tomcat command.
    • If you use a self-signed certificate on the affected server, regenerate the Tomcat certificate with the set cert regen tomcat command from the CLI or from OS Admin and then restart Cisco the Tomcat service with the utils service restart Cisco Tomcat command.

      This known defect is documented in Cisco bug ID CSCup10995.

Hope this helps

Cheers

Rath!

 

***Please rate helpful posts***

 

 

CreatePlease to create content
Content for Community-Ad
Future of Work Virtual Summit Day 5

Cisco COVID-19 Survey