January 9, 2006
NOTICE:
THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.
Products Affected
|
Products Affected |
Comments |
|---|---|
|
7941 - CP-7941G |
When used with Cisco CallManager 4.0 and 4.1 |
|
7961 - CP-7961G |
When used with Cisco CallManager 4.0 and 4.1 |
|
7970 - CP-7970G |
When used with Cisco CallManager 4.0 and 4.1 |
|
7970 - CP-7971G-GE |
When used with Cisco CallManager 4.0 and 4.1 |
Problem Description
New CP-7970G, CP-7971G-GE, CP-7941G and CP-7961G phones that bundle with Manufacture-Installed Certificate (MIC) will not be able to register with Cisco CallManager or communicate with Certificate Authority Proxy Function (CAPF) process when the phone's security mode is set as Authenticated or Encrypted and MIC is used for authentication.
Background
The root certificate that signed the MIC on new 7970 and 7941/61/71 phones was not bundled with released Cisco CallManager (CCM) 4.0(x) and 4.1(x) versions. If MIC is to be used as the authentication mechanism for registration with CCM or interface with Certificate Authority Proxy Function, CCM or CAPF won't be able to honor the MIC.
Problem Symptoms
Phones using MIC to register with CallManager, or to install a Locally Significant Certificate (LSC) with the Certificate Authority Proxy Function, will fail.
Workaround/Solution
Workaround:
For phones with the new MIC, the system administrator can schedule a certificate install/upgrade with the Certificate Authority Proxy Function (CAPF) by choosing the null string or authentication string option to install a LSC on the phone.
Solution:
This is fixed in CCM versions 4.1(3)SR2 and 4.0(2a)SR2c. In order to avoid the cumbersome workaround, Cisco recommends that you upgrade to the appropriate Cisco CallManager release.
DDTS
To follow the bug ID link below and see detailed bug information, you must be a registered user and you must be logged in.
|
DDTS |
Description |
|---|---|
|
CSCsb27001 (registered customers only) |
Support new phone cert in CAPF |
Revision History
|
Revision |
Date |
Comment |
|---|---|---|
|
1.0 |
09-JAN-2006 |
Initial Public Release |
For More Information
If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:
Receive Email Notification For New Field Notices
Product Alert Tool - Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.