Document ID: 116300
Updated: Aug 01, 2013
Contributed by Jasmeet Sandhu, Cisco TAC Engineer.
This document describes the process to troubleshoot Secure Computer Telephony Integration (CTI) for Cisco Unified Communication (UC) Integration with IBM Sametime.
Cisco recommends that you have knowledge of Cisco Unified Communications Manager.
The information in this document is based on Cisco Unified Call Manager Release 8.x.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
- Ensure the security token has been installed on the Cisco Call Manager.
- Go to Call Manager Admin Page > System > Enterprise Parameters > Security Parameters.
- If the Cluster Security Mode is "0", this indicates the Certificate Trust List (CTL) client is not configured or not installed in the security mode.
- The Cluster Security Mode is "1" when it has been installed.
- Go to Call Manager Admin Page > User Management > End User -> Permissions Information.
- Go to Call Manager Admin Page > User Management > End User CAPF Profile.
- Ensure the CAPF files for the user are created.
- The format for CAPF file Instance ID must be <Call Manager User ID><num> where <num> is an integer from "0" to "4".
- These files are located at:
- Windows XP: C:\Documents and Settings\<username>\Local Settings\ Application Data\Cisco\SametimePhone\Certificates\ (Windows XP)
- Windows 7: C:\Users\<username>\AppData\Local\Cisco\SametimePhone\Certificates\
- The directory name starts with <username><server> and should contain:
- At least one server file
- A client file
- A CTL file
- Example files for user "johndoe":
- "Use Secure Connection" flag is checked
- TFTP server (usually the Call Manager Server)
- TFTP port (default 69)
- CAPF server (usually the Call Manager Server)
- CAPF port (default 3804)
- Go to Sametime preferences > Cisco > Phone Control, and ensure the "Servers" field is not editable. It is not allowed to change the security servers at runtime.
The administrator can set this field as read-only, but if it is editable the Secure CTI is not enabled.
The Cisco Support Community is a forum for you to ask and answer questions, share suggestions, and collaborate with your peers.
Refer to Cisco Technical Tips Conventions for information on conventions used in this document.