ā08-10-2011 02:03 AM - edited ā03-21-2019 04:29 AM
Hi,
When I launch the CCA to configure my UC540 FXO, I encounter a problem with the https connection. I get this error message āUnable to connect. SSL handshake process failed. The secure connection through HTTPS could not be establishedā (cf screenshot in attachement).
The connection in http is ok.
This message doesnāt appear the first time that I try to connect to the UC. This error appears after some days of configuration and some tests. I donāt make any specific action or configuration which can cause this problem.
I searched in certmgr.msc if there was an obsolete Cisco certificate but I found nothing in the console.
The only solution I found to resolve this problem is to reset the factory default settings and reconfigured totally my UCā¦
I now use the CCA 3.1.0 and the software pack 8.2, but i I already met the problem with the older version (CCA 3.0.1 and software pack 8.1.0).
Has anyone encountered a similar problem?
I join a Wireshark capture corresponding to the connection with the CCA to the UC540.
Thanks for your help.
ā08-10-2011 04:12 PM
Hi Julien,
You can turn of HTTPS and just have it go through port 80 if 443 is giving you issues, I think the only time you would really want HTTPS is if you would attempt to get CCA to connect remotely (Never tried it this way always just use VPN).
But you may need to check the CLI and see if the following is enabled on those systems giving you the issue:
ip http server
ip http authentication local
ip http secure-server
ip http path flash:
Cheers,
David.
ā08-11-2011 03:53 AM
Hi David,
I agree with you, the http works for administrate my UC540 but i want understand what cause this problem.
I check in CLI the four lines that you provided, these lines are ok and identics to yours.
Cheers
ā08-11-2011 07:44 PM
JULIEN!!!!
I had a revelation this morning and thought I would put my theory to the test
So I had another look at your image and noticed you were in the hostname/address tab, and I figured I would try and replicate what you are doing... At first I could not produce the results, but then realized OF COURSE!! Because CCA had already connected to these two systems before.... SO I tried it on a new UC-540 that I haven't connected to and was able to generate the same error... WhooooHoooo!!!!!!!!
OK so here is my theory, when you add a new site the system always prompts you with the certificate screen to accept, deny or choose always... But when you do it from the second tab, this does not appear even on a fresh system, I have no idea why, maybe a bug in CCA 3.1???.
So to get HTTPS to work, you need to add it to site and CCA needs to use that certificate to authenticate the HTTPS session
Well this is what my tests this morning revealed, it could just be a fluke that I was able to reproduce it (And yes that can happen a lot with me), or my theory is right, either way I am sure someone from Cisco will chime in and put me straight or confirm my theory
Cheers,
David.
ā08-16-2011 08:04 AM
Hi David,
I'm not sure that you're right because some quick tests with a "site" connection show me a connection in http.
I will make some other tests and i will give you my results.
Cheers,
ā08-17-2011 03:50 PM
Thanks Julien,
I await your results, I am interested in seeing what you come back with
Cheers,
David.
ā10-06-2011 09:03 AM
Thanks. I had the same problem and this did work for me.
ā08-27-2013 11:22 AM
i have same proplem i need any one to help me as soon
i tray to this comment but stil the problem
ip http server
ip http authentication local
ip http secure-server
ip http path flash:
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: