cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1791
Views
0
Helpful
8
Replies

Cisco Connectivity Subscriber Publisher

tanios191
Level 1
Level 1

Dear Team,

 

I have a problem recently between Cisco Publisher and Subscriber when I try to reach the subscriber from the serviceability list 

I got below message :

 

Connection to the Server cannot be established(Certificate Exception)

When I try to navigate below in CLI on Publisher I got below:utils dbreplication runtimestate

(-) DB Active-Error

 

Even there is no reachibility between subscriber and publisher eventhough the two are on same network

 

8 Replies 8

 . Hi Tanios, 

 

Can you check the DB replication status by issue the command - utils dbreplication status  to get updated data. 

 

you probably need to repair the DB replication first and ensure that you have good DB replication between the nodes if you get the same error again when you run the command utils dbreplication runtimestate.

 

 

meanwhile, check the tomcat certificate expiry - If expired, regenerate the Tomcat certificate and restart the Tomcat service.

 

Regards,

Shalid 

 

 

will this affect the anything running?

Hi Tanios,

the DB repair doesn't impact anything much. But tomcat service restart will impact where users unable to access the portal until the reboot completed. also, users won't be able to log into the IP phone services (for example EM). but doesn't affect for logged in users.

Regards,
Shalid

Which certificates I should check if expired?

Can you provide with detailed technique to regenerate the certificate?

Will it affect the live environement in any way?

 

 

 

Shalid mentioned this above:

"Meanwhile, check the Tomcat certificate expiry - If expired, regenerate the Tomcat certificate and restart the Tomcat service."

And here is a link to information on regenerating certificates:

CUCM Certificate Regeneration/Renewal Process

Maren

Ratheesh Kumar
VIP Alumni
VIP Alumni

Hi there

 

There could be multiple reasons why you are getting this error. Also please check the below link and the associated workarounds. 

 

https://www.cisco.com/c/en/us/support/docs/unified-communications/unified-communications-manager-callmanager/118927-technote-cucm-00.html

 

 

Hope this Helps

Cheers

Rath!

 

***Please rate helpful posts***

how can I bind the hostname to an IP address in CUCM CLI as I can reach from publisher the IM and Presence and Unity but cannot reach the subscriber how can add hostname of subscriber and bind it to the IP of the subscriber

Hey 

 

Please try out this and let me know

 

Workaround

Log in to each CUCM node separately in order to access Serviceability and Activate/Deactivate services.

Solution

  1. Enter the utils dbreplication runtimestatecommand in order to check for any dbreplication issues in the CUCM cluster.
  2. Restart the Tomcat Service with the utils service restart Cisco Tomcat command.
  3. Check for any Tomcat certificate (tomcat-trust) serial number mismatches on the nodes.
  4. Choose Cisco OS Administration > Security > Certificate Management > tomcat.pem and check whether the Tomcat certificate is expired. If expired, regenerate the Tomcat certificate and restart the Tomcat service.
    • If you use a CA signed certificate, get the Tomcat CSR re-signed by the CA, re-upload it back, and restart the Cisco Tomcat service with the utils service restart Cisco Tomcat command.
    • If you use a self-signed certificate on the affected server, regenerate the Tomcat certificate with the set cert regen tomcat command from the CLI or from OS Admin and then restart Cisco the Tomcat service with the utils service restart Cisco Tomcat command.

      This known defect is documented in Cisco bug ID CSCup10995.

Hope this helps

Cheers

Rath!

 

***Please rate helpful posts***

 

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: