Troubleshoot Certificate Errors
Before you begin
If you encounter an error when you attempt to access Unified Communications Manager services from an IM and Presence Service node or IM and Presence Service functionality from a Unified Communications Manager node, the source of the issue is the tomcat-trust certificate. The error message Connection to the Server cannot be established (unable to connect to Remote Node) appears on the following Serviceability interface windows:
-
Service Activation
-
Control Center - Feature Services
-
Control Center - Network Services
Use this procedure to help you resolve the certificate error. Start with the first step and proceed, if necessary. Sometime, you may only have to complete the first step to resolve the error; in other cases, you have to complete all the steps.
Procedure
Step 1 |
From Cisco Unified OS Administration, verify that the required tomcat-trust certificates are present: .If the required certificates are not present, wait 30 minutes before checking again. |
Step 2 |
Choose a certificate to view its information. Verify that the content matches with the corresponding certificate on the remote node. |
Step 3 |
From the CLI, restart the Cisco Intercluster Sync Agent service: utils service restart Cisco Intercluster Sync Agent. |
Step 4 |
After the Cisco Intercluster Sync Agent service restarts, restart the Cisco Tomcat service: utils service restart Cisco Tomcat. |
Step 5 |
Wait 30 minutes. If the previous steps do not address the certificate error and a tomcat-trust certificate is present, delete the certificate. After you delete the certificate, you must manually exchange it by downloading the Tomcat and Tomcat-ECDSA certificate for each node and uploading it to its peers as a tomcat-trust certificate. |
Step 6 |
After the certificate exchange is complete, restart Cisco Tomcat on each affected server: utils service restart Cisco Tomcat. |