Cisco Cisco Unified MeetingPlace Audio Server Quick Setup Guide
Troubleshooting the Cisco Unified MeetingPlace Application Server
How to Solve Problems with the Application Server SSL
2
Cannot Load Certificate
Problem
After attempting to load the certificate, you see the following error message on the Display
Certificate page: Unparseable certificate extensions: 2 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
Unparseable AuthorityInfoAccess extension due to java.io.IOException: invalid URI name:file://
\\SAMPLE.string.com\CertEnroll\SAMPLE.string.com
Unparseable AuthorityInfoAccess extension due to java.io.IOException: invalid URI name:file://
\\SAMPLE.string.com\CertEnroll\SAMPLE.string.com
Possible Cause
Java.net.URL does not handle UNC paths well, "file://\\" is not a valid URI due to
the inclusion of '\\' characters as defined by RFC 2396.
Solution
Sign the certificate without the URL that includes the UNC path.
Cannot Enable SSL
Problem
You cannot enable SSL.
Possible Cause
While generating CSRs, you clicked the
more than once. This causes
the system to create a second private key that does not work with the certificate for the CSR that was
created and downloaded the first time you clicked
created and downloaded the first time you clicked
.
Solution
Obtain and upload a new certificate. This time, make sure that you click
only
once.
Possible Cause
An extra line was accidentally included at the end of the certificate. To verify, use
the Linux cat command to either view the certificate file before uploading it, or view your local copy
of the certificate file. The uploaded certificate on the Application Server is stored in a binary format,
which cannot be viewed via the Linux cat command.
of the certificate file. The uploaded certificate on the Application Server is stored in a binary format,
which cannot be viewed via the Linux cat command.
In the following sample output, notice the blank line that immediately precedes the “-----END
CERTIFICATE-----” line.
CERTIFICATE-----” line.
[root@meeting certs]# cat webapp.cert.pem
-----BEGIN CERTIFICATE-----
MIIDUzCCArygAwIBAgIDBXgLMA0GCSqGSIb3DQEBBAUAMFoxCzAJBgNVBAYTAlVTMRwwGgYDVQQK
...
hXEdFMDnNHyFa/Y8Rk//WNWGVEb57n2E/AdmIVZ3PYyxjpqDhxmhmQCo8I1rVhYzeJWXEudvUcnb
-----END CERTIFICATE-----
[root@meeting certs]#
Solution
Use any Linux editor, such as the vim command, to delete the extra line. Then use the
to upload the corrected certificate.
Possible Cause
Upon inspection, the modulus and exponent fields do not match between the public
certificate file and private key file. If these common portions do not match, the system cannot
communicate using SSL.
communicate using SSL.
Solution
Obtain and upload a new certificate.