Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IM and Presence 10.0

Hi All,

I was trying to setup an signed ssl cert for my presence install but i broke something.  Thus far i have only generated a sign request for the tomcat web services, and uploaded the root cert as well as the signed cert from the vender.

 

Now call manager does not see the services running in im and presence server.  When i do a diag in IM and presence server, the following fail

Fail

 

 

Warn
Warn

 

 

 

3 REPLIES

If you look on CUCM, there

If you look on CUCM, there are Tomcat-Trust certs....essentially copies of the certificate so that CUCM knows to trust it. 

Chances are good that if you replaced the tomcat cert on the IM&P server you'll need to delete the existing Tomcat-Trust on the CUCM servers, and upload an exported copy of the TOMCAT cert into them as a tomcast-trust. 

This is a real pain, but I've had to do it to get servers relinked before when a cert replacement breaks something.

New Member

Just Generate Self-signed

Just Generate Self-signed from Cisco Unified OS Administration/Security on both server and wait 10 minutes and will work.

Cheers 

New Member

I'm having the same problem.

I'm having the same problem.  In an attempt to change the IM&P default domain I disabled HA on the Presence Group then disabled the requisite services on each member of the cluster then went to the Advanced Presence settings but the option was still grayed out.  Now when I look in the system troubleshooter I see the message above (Could not determine the status of the Cisco IM and Presence Data Monitor service on the following nodes) in addition to errors resulting from the services I stopped.  I have made sure no services are starting, stopping, or restarting and retried the tests with the same results.

We are in the process of installing certs for tomcat and cup-xmpp.  So far tomcat is done and I was working on xmpp when I realized the default domain field was adding an invalid SAN to the CSR.

 

Any ideas?

1536
Views
0
Helpful
3
Replies
CreatePlease to create content