Guest

Cisco Unified IP Phone 7900 Series

Field Notice: FN - 62224 - IP Phones may not Boot Up when MIC is used for Authentication on Cisco Call Manager 4.0 or 4.1


January 9, 2006

NOTICE:

THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.


Products Affected

Products Affected

Comments

7941 - CP-7941G

When used with Cisco CallManager 4.0 and 4.1

7961 - CP-7961G

When used with Cisco CallManager 4.0 and 4.1

7970 - CP-7970G

When used with Cisco CallManager 4.0 and 4.1

7970 - CP-7971G-GE

When used with Cisco CallManager 4.0 and 4.1

Problem Description

New CP-7970G, CP-7971G-GE, CP-7941G and CP-7961G phones that bundle with Manufacture-Installed Certificate (MIC) will not be able to register with Cisco CallManager or communicate with Certificate Authority Proxy Function (CAPF) process when the phone's security mode is set as Authenticated or Encrypted and MIC is used for authentication.

Background

The root certificate that signed the MIC on new 7970 and 7941/61/71 phones was not bundled with released Cisco CallManager (CCM) 4.0(x) and 4.1(x) versions. If MIC is to be used as the authentication mechanism for registration with CCM or interface with Certificate Authority Proxy Function, CCM or CAPF won't be able to honor the MIC.

Problem Symptoms

Phones using MIC to register with CallManager, or to install a Locally Significant Certificate (LSC) with the Certificate Authority Proxy Function, will fail.

Workaround/Solution

Workaround:

For phones with the new MIC, the system administrator can schedule a certificate install/upgrade with the Certificate Authority Proxy Function (CAPF) by choosing the null string or authentication string option to install a LSC on the phone.

Solution:

This is fixed in CCM versions 4.1(3)SR2 and 4.0(2a)SR2c. In order to avoid the cumbersome workaround, Cisco recommends that you upgrade to the appropriate Cisco CallManager release.

DDTS

To follow the bug ID link below and see detailed bug information, you must be a registered user and you must be logged in.

DDTS

Description

CSCsb27001 (registered customers only)

Support new phone cert in CAPF

Revision History

Revision

Date

Comment

1.0

09-JAN-2006

Initial Public Release

For More Information

If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:

Receive Email Notification For New Field Notices

Product Alert Tool - Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.