Browse By

CUCM Bulk Certificate Import Error – Bug CSCuy43181

CUCM Bulk Certificate Import Error – Bug CSCuy43181

In our last post we discussed about “Migrating ITL files between CUCM Clusters (article link shared below). You may encounter an error while importing the consolidated certificate “com.cisco.cpi.certMgmt.CertMgrException: java.io.IOException: Error decoding PKCS 12 input” which is a bug “CSCuy43181” and the steps to import the certificate may change.

uccollabing.com

If you encounter such error, kindly follow the below steps.

  • Login to New Cisco Unified Communications Manager (All Servers running TFTP Services) > OS Administration
  • Go to Security > Certificate Management > Click on Find
  • Click on Call Manager Certificate > Download CallManager.pem in your Desktop (Repeat the same steps if you have another TFTP Servers in New Cluster)
  • Login to  Legacy Cisco Unified Communications Manager > OS Administration
  • Go to Security > Certificate Management > Click on Upload Certificate/Certificate Chain
    • Certificate Purpose > Select CallManager-Trust from drop down menu
    • Upload File > Click on Choose File and select the callmanager.pem file
    • Click on Upload
    • Certificate Purpose > Select Phone-SAST-trust from drop down menu
    • Upload File > Click on Choose File and select the callmanager.pem file
    • Click on Upload
  • Login to Legacy Cluster Cisco Unified Communication Manager > Serviceability
    • Go to Tools > Control Center – Network Services >
    • Radio Check > Cisco Trust Verification Service
    • Click on Restart
  • Now change the DHCP option 150 to point the phones to the new destination cluster
  • Reset the IP Phones from Legacy Cisco Unified Communication Manager and the IP Phones should start registering to the New Cluster if the certificate import process has worked correctly

uccollabing.com

uccollabing.com

You may also refer to – Migrating ITL Files between CUCM Clusters article –

Migrating ITL files between CUCM Clusters

Hope this helps!

Published by Team UC Collabing

2 thoughts on “CUCM Bulk Certificate Import Error – Bug CSCuy43181”

  1. James Hawkins says:

    Thanks – solved my issue.
    I appreciate you taking the time to blog about this 🙂

  2. Sami says:

    Hi,
    You might as well mention another bug that is reported on CM 9.0.1 wit the certificate export and consolidation to CM 10.x or 11.x. The bug ID is CSCua20054, this is mentioned in release notes however, everyone may not have sufficient access to view the details. Procedure mentioned above stands good to overcome error, “sftp operation failure” when trying to upload consolidate certificates on source cluster

Leave a Reply

Your email address will not be published. Required fields are marked *

Approved

Electrical Engineer CCNA Collaboration CCNA Voice CCNA R&S. I'm Electrical Engineer and I work like Support Engineer for a Telephony Service Provider Company. Before that I had position like Pre-Sale Engineer about small and medium multivendor telephony solutions. I have 5 years of experience working in Telephony Multivendor Projects. I am also 3 years of experience working in Support and implementation about Cisco Collaboration platforms: UCS server, UCM, Cisco Unity, Presence Server, Jabber, Gateway. Support Community is most useful in finding design, implementation and support tricks and shortcuts that greatly help me in my daily activities. If you need to contact me, please you can writte me.

Approved

CCNA Routing and Switching
Am a technology enthusiast. I work in network support providing support with implementation, maintaining and precisely troubleshooting the infra.
Realm of collaboration makes me want to learn and face new challenges more and more.