Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Cisco IP Phone shows Certificate Expired and does not register

Posted on 2013-06-24
6
Medium Priority
?
1,255 Views
Last Modified: 2013-07-14
Hello everyone!

We are using Cisco Call Manager 6.1, some phones got unregistered, when I look in debug messages in IP Phone web page, I can see this error

ERR 04:27:43.532340 SECD: EROR:clpState: SSL3 alert read:fatal:certificate expired:<192.168.16.6>
ERR 04:27:43.533242 SECD: EROR:clpState: SSL_connect:failed in SSLv3 read finished A:<192.168.16.6>
ERR 04:27:43.533511 SECD: EROR:clpSetupSsl: ** SSL handshake failed, <192.168.16.6> c:7 s:8
ERR 04:27:43.533717 SECD: EROR:clpSetupSsl: SSL/TLS handshake failed, <192.168.16.6> c:7 s:8
ERR 04:27:43.533917 SECD: EROR:clpSetupSsl: SSL/TLS setup failed, <192.168.16.6> c:7 s:8
ERR 04:27:43.534106 SECD: EROR:clpSndStatus: SSL CLNT ERR, srvr<192.168.16.6>
ERR 04:27:43.534321 SECD: EROR:clpSndStatus: ** SEC-ERR: code:5(SSL_ALERT) subcode:45(EXPIRED_CERT)
ERR 04:27:43.534514 SECD: EROR:clpSndStatus: ** SEC-ERR: desc <certificate expired>


Need to mention that we were using MIC certificates for TLS, if I install LSC certificate on those unregistered phones, they register succesfully

Why do I get those error messages?

Thank you!
0
Comment
Question by:fgasimzade
  • 2
3 Comments
 
LVL 81

Expert Comment

by:arnold
ID: 39304985
You need to have a local CA configured that will issue/renew certificates.
http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/security/8_6_1/secugd/secucapf.html#wp1120152
You might be missing the automated portion configuration. When manually issuing the certificates, the phones will function without an issue for the length of the issued cert.
0
 
LVL 18

Accepted Solution

by:
fgasimzade earned 0 total points
ID: 39309917
Solved by installing LSC certificates to the affected phones
0
 
LVL 18

Author Closing Comment

by:fgasimzade
ID: 39324369
Solved by installing LSC certificates to the affected phones
0

Featured Post

[Video] Oticon Case Study

Open office environments can create the dynamics for innovation, but they also bring some challenges. With over 1,000 employees in an open office, Oticon needed a solution that would preserve the environment while mitigating disruptive background noises.

Watch how they did it.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

With the shift in today’s hiring climate (http://blog.experts-exchange.com/ee-blog/5-tips-on-succeeding-in-the-new-gig-economy/?cid=Blog_031816), many companies are choosing to hire freelancers to get projects completed efficiently and inexpensively…
Not everyone has adapted to a rapid advancement in technology; there are people who are reluctant or afraid to delve into this brave new world of IT. If you have a friend or a family member who suffers from the so-called technophobia, here is how yo…
Notifications on Experts Exchange help you keep track of your activity and updates in one place. Watch this video to learn how to use them on the site to quickly access the content that matters to you.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Suggested Courses
Course of the Month20 days, 19 hours left to enroll

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question