Cisco Unified Communications Widgets

Cisco Click to Call Certificate Warning Troubleshooting Guide

Document ID: 116325

Updated: Jul 31, 2013

Contributed by Md Hasan, Cisco TAC Engineer.



This document describes how to resolve a Cisco Click to Call certificate warning.



Cisco recommends that you have knowledge of these topics:

  • Cisco Click to Call
  • Cisco Unified Communications Manager (CallManager) (CUCM)

Components Used

The information in this document is based on these software and hardware versions:

  • Cisco Click to Call, Release 7.x and 8.x
  • Microsoft Windows XP and Microsoft Windows 7

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Certificate Warning

You might see this Security Alert when you place a call with Cisco Click to Call:


If you encounter the certificate mismatch issue, you should:

  1. Ensure that the certificate is installed into either the 'current user' or 'local machine' Trusted Root Certification Authorities store. Refer to Certificate Installation for details.
  2. Ensure that the address given to the server in the Preferences field is the same as the certificate. For example, Click to Call might have the server configured with an IP address, but the certificate might be for a fully qualified domain name (FQDN). Although both point to the same CUCM, the certificate comparison fails. These two names must be the same in order to fix the mismatch.

To view the certificate in a browser, enter the CUCM address in the address bar; a notification for the certificate appears next to the address bar.

Certificate Installation

You must install the CUCM certificate in the Trusted Root Certification Authorities folder on every client computer that is running Click to Call. You can install the certificate:

  • At the local machine level, so that the certificate is available to all users of the machine.
  • At the current user level, so that the certificate is available to that user only.

Tip: Use your preferred deployment method in order to make the certificate available to your Click to Call user base.

Local Machine Level

In order to install the certificate at the local machine level, you can use a tool such as the Microsoft Certificate Manager Tool. For example, enter this command:

certmgr /add /c example.cer /s /r localMachine root

Local Account Level

This procedure describes how to install the certificate at the local account (current user) level:

  1. Click Start > Control Panel > Internet Options, then click the Content tab.
  2. Click Certificates.
  3. Click the Trusted Root Certification Authorities tab.
  4. Click Import.
  5. Follow the steps in the Certificate Import Wizard in order to import the certificate. You must install the certificate to the Trusted Root Certification Authorities folder rather than the default folder.

Note: The value of the WebDialer Service field in the Click to Call Preferences dialog box must match the name of the CUCM server in the certificate, not the IP address of the CUCM server. 

Related Information

Updated: Jul 31, 2013
Document ID: 116325