Cant access serviceability from one CUCM server to the next

Unanswered Question
Oct 6th, 2009
User Badges:
  • Green, 3000 points or more

If I log into my pub and serviceability, I try to access my other subs. I keep getting an error when trying to access the other servers from the drop down list. Although, everything is replicating throughout the cluster, I can log into another CUCM and only use serviceability for that one server also.


Im going to do a reset tonight on the cluster. the logs are clean and clear on RTMT on all servers. It's very odd. I thought maybe a security password would be wrong, but there are no errors anywhere on any server in the cluster.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.8 (4 ratings)
Loading.
virverma Tue, 10/06/2009 - 09:17
User Badges:
  • Silver, 250 points or more

could you paste a screenshot of error you are getting?

Tommer Catlin Tue, 10/06/2009 - 09:25
User Badges:
  • Green, 3000 points or more

Status: Connection to the server cannot be established(Unknown Error)

I see a few others in the forum have had this problem.


I did check to see if the application ID and the OS id were the same, etc, everything looks good there.

Kevin Long Tue, 04/06/2010 - 19:57
User Badges:

Hey Tommer, long time no talk to man.  I am having the same issue with CUCM 7.1.3, did you ever figure this out?

Have an open TAC case but you know how it goes, hook a brother up.

Tommer Catlin Wed, 04/07/2010 - 08:08
User Badges:
  • Green, 3000 points or more

Its some kind of TomCat bug.   Did you change the name of servers after the upgrade or anything?  Or IP addressses?  I moved onto another job and did not get a resolution to the problem before I left.  I suspect it has to do with the certs built into CUCM.  You can try to reset the cert in the OS GUI.   There are steps listed in the forums here on how to do that.


TAC wanted all these wireshark traces between the cucm servers and I couldnt get back to the datacenter to stream this steam out.   Yeah, I could have done a capture from CUCM I guess.... but hindsite I guess.....

alexis.katsavras Mon, 12/09/2013 - 00:00
User Badges:

This is the top hit in goolge when I was having this issue so though i would add the following solution.

I had this issues with CUCM9.1


In the Pub go to:

1. OS Administrator > Security > Certificate Managment

2. Download the cert: ipsec-trust


In the sub your having the issue

1. OS Administrator > Security > Certificate Managment

2. Delete the cert: ipsec-trust

2. Upload the ipsec-trust cert you downloaded from the Pub.


On both the Pub and Sub restart tomcat from the cli


Hopre that helps


Thanks

Alexis


http://www.netpacket.co.uk/
http://www.blog.netpacket.co.uk/

Aman Soi Mon, 12/09/2013 - 00:09
User Badges:
  • Purple, 4500 points or more
  • Cisco Designated VIP,

    2017 IP Telephony

Hi,


there is a bug associated to this issue


Unified Serviceability Tools can not connect to other nodes

CSCud67438



Symptom:
Cisco Unified Serviceability pages Tools -> Service Activation or Control Center Feature or Network Services can not connect to other nodes in the cluster.


When another node is selected the Status indicates


Connection to the Server cannot be established (Unknown Error)


Conditions:
CCMService Tomcat logs indicates the following error message when attempting to connect to other nodes in the cluster,


{http://xml.apache.org/axis/}stackTrace:javax.net.ssl.SSLException: Certificate not verified.


Workaround:
We have the following workarounds
- Accessing SUB serviceability pages directly
- Restarting tomcat on PUB ( once ) after the upgrade


For SNMP configuration where same Community string needs to be added or modified on all nodes, again using a Subscriber node instead of the Publisher also seems to work in this case.



regds,

aman

managemyuc Mon, 09/29/2014 - 12:40
User Badges:

5 stars for the post. Have been able to resolve issues couple of times with this procedure.

Thanks,
Sami

Muzzamil Hussain Mon, 10/13/2014 - 12:37
User Badges:

We faced this issue in our test environment and we regenerated   " ipsec.pem" certificate in SUB only

then all started fine

Actions

This Discussion