CUCIMOC - LDAP over SSL - Unknown Certificate

Unanswered Question
Aug 31st, 2010

Hi,

We are attempting to get LDAP over SSL working with CUCIMOC. We have generated the certificate off of the LDAP server and imported it on the client machine to the path specified in documentation. When we login, LDAP doesn't connect. We have the registery set to LDAPS with the default port. I saw in a packet capture that the client responder to the server with a: Alert (Level: Fatal, Description: Certificate Unknown).

Any ideas on why this is happening?

Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Bryan Geoghan Tue, 08/31/2010 - 13:17

I have been told that these two bugs are the reason for CUCIMOC not working when the client is set for LDAP SSL. Is this correct?

CSCth97641

CSF ignores CUP setting : Conferencing - Server Certificate Verification
Symptom:


Admin changes the setting on CUP Admin Page : Application -- CUPC -- Conferencing Profile -- Server Certificate Validation to All Certificates but CSF still only accepts self signed certs



Conditions:


a Certificate issued by a third party CA is being used on the Web Conferencing server, CSF will fail to connect to this server even though the Server Certificate Validation is set to All Certificates in the Conferencing Profile



Workaround:


none, other than using a self signed certificate on the conferencing server

and

CSCso60232

User Authentication over SSL link to LDAP fails for CTI Manager
Symptom:

CUPC end points in desk phone mode use QBE to establish connection to CUCM. When CUPC end point comes up CUCM authenticate the user with LDAP as configured in System->LDAP pages. When CTI Manager try to authenticate the user with LDAP over SSL connection it fails. CTI Manager complains Unknown CA.

The User Authentication passes over SSL link to LDAP by CUCM user administration, CUP authentication etc. It fails only from CTI Manager.

CUPC end points in Desk Phone mode can not come up because of this issue.


Workaround:
None

Hi Guys,

We are struck over the same issue. Is this sure that the bugs are the issue or Are we missing any information here? Atleast the CUCIMOC Client logs doesnot seem to say this issue based on my interpretaton. By the way i dont have any CTI requirement for my network. It is only Softclient. As well it works good with softclient only solution for my network.

The question is in "Not Answered" state if somebody comes to know about this issue let me know.

I appreciate your help.

Actions

This Discussion