Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1534
Views
0
Helpful
5
Replies

UCS Central untrusted cert with UCSM

dncrchic2000
Level 1
Level 1

‎04-12-2013 12:39 PM - edited ‎03-01-2019 10:58 AM

I am using the default keyring in UCSM & have installed this cert to my trusted root certs. The problem I am seeing is that everytime I go to view the fault summary tab within UCS Central & click on my UCSM, it pops up the warning "UCSM Communication Error". When I proceed to accept the certificate it tells me

"You attempted to reach X.X.X.X, but instead you actually reached a server identifying itself as Hostname"

My question is, why is UCS Central trying to connect to the IP instead of the hostname? Do I have something configured incorrectly? Or is this a bug of the first release?

0 Helpful
5 Replies 5

jgarlock9999
Level 1
Level 1

‎05-21-2013 03:54 PM

I have the same issue.  UCS Central redirects to the IP so all my certs are no good.  Will this be addressed?

Second, I don't see any way to apply my own certs

0 Helpful

padramas
Cisco Employee
Cisco Employee
In response to jgarlock9999

‎05-22-2013 12:52 AM

Hello Jon,

Can you please screen shot of the error message ?

Make sure that you have have accepted the UCSM cert an  trusted root certs in your web browser.

Padma

0 Helpful

jgarlock9999
Level 1
Level 1
In response to padramas

‎05-22-2013 02:53 AM

I think I explained wrong.  I don't have any issues with the self signed cert used by UCSC.  I'd like to apply our own cert.  I don't think we can do that so I don't have anything to screenshot.

Then there's launching UCSM from within UCSC.  It launches to an IP url, which is probably the lowest common denominator safest, but defeats the purpose of using the certs in the first place.  Even if you do accept those self signed certs, you're going to get warned that the site you're going to doesn't match the URL.

0 Helpful

padramas
Cisco Employee
Cisco Employee
In response to jgarlock9999

‎05-22-2013 05:53 AM

Hello Jon,

Currently UCS central only uses default self-signed certificate and does not support third party signed certificates.

You can track the enhancement request via this defect

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCuh06347

*NOTE* It will take a while to get published on cisco.com website.

For the second issue, I would suggest you to open a TAC service request to investigate why it uses IP address instead of name.

Padma

0 Helpful

jgarlock9999
Level 1
Level 1
In response to padramas

‎05-22-2013 06:05 AM

I wasn't going to .. I had assumed it was "normal" behaivor.  Is that not the case?  I will open a TAC case.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card