Re: [cisco-voip] UCCX 11.5 Upgrade Disaster

[Clifford McGlamry]

Actually, there is a patch available from TAC which removes the requirement.  
For some reason, they say it cannot be used on a fresh install.  Bug ID is 
CSCvb46250

[cid:7B753D54-D81D-480C-A472-B65436D36C6C]
Cliff McGlamry, CCIE Collaboration #24757
Master Consultant
(678) 934-0348   direct
(404) 969-9806   mobile
(678) 934-0448   fax
cmcgla...@forsythe.com<Mailto:cmcgla...@forsythe.com>



Forsythe Technology, Inc.
400 Interstate North Parkway
Suite 860
Atlanta, GA 30339
http://www.forsythe.com









[cid:image002.gif@01CF4639.53D2D540]



From: cisco-voip [mailto:cisco-voip-boun...@puck.nether.net] On Behalf Of 
Anthony Holloway
Sent: Wednesday, November 16, 2016 2:43 PM
To: Heim, Dennis
Cc: cisco-voip@puck.nether.net
Subject: Re: [cisco-voip] UCCX 11.5 Upgrade Disaster

According to the quote I replied with: "This is required for the Live Data 
functionality", it would seem so.

Also, this forum post says the same.

https://supportforums.cisco.com/discussion/13141166/uccx-115-do-you-need-both-tomcat-and-tomcat-ecdsa-certificates

Though I have not played with 11.5 just yet.

On Tue, Nov 15, 2016 at 7:06 PM, Heim, Dennis 
<dennis.h...@wwt.com<mailto:dennis.h...@wwt.com>> wrote:
Is tomcat-ECDSA required in order to use signed certificates on the live data?

From: cisco-voip 
[mailto:cisco-voip-boun...@puck.nether.net<mailto:cisco-voip-boun...@puck.nether.net>]
 On Behalf Of Anthony Holloway
Sent: Tuesday, November 15, 2016 4:44 PM
To: Randall (Randy) Raitz 
<randy.ra...@readytalk.com<mailto:randy.ra...@readytalk.com>>
Cc: cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>
Subject: Re: [cisco-voip] UCCX 11.5 Upgrade Disaster

It was version 11.5 which brought Tomcat to ECDSA certs and is causing those 
new challenges, so you wouldn't have seen the same issues as Greg.

"Note: When you use UCCX 11.5 and later, there is a new certificate for 
tomcat-ECDSA. When you use CA signed certificates, ensure that the CSR is 
downloaded for this certificate as shown previously and the application 
certificate for tomcat-ECDSA is uploaded into the tomcat-ECDSA as explained in 
the previous procedure. This is required for the Live Data functionality which 
uses Socket IO from UCCX 11.5"

Source: 
http://www.cisco.com/c/en/us/support/docs/customer-collaboration/unified-contact-center-express/118855-configure-uccx-00.html



On Tue, Nov 15, 2016 at 1:05 PM, Randall (Randy) Raitz 
<randy.ra...@readytalk.com<mailto:randy.ra...@readytalk.com>> wrote:
We didn’t have those failures, though we took call manager , IM&P, and unity 
connection to 11.5 and UCCX to 11.0.1 several weeks ago. I believe at the time, 
there was not a compatible version of UCCX to go to 11.5 with, but the 
11.0.1.10000-75 was listed as a supported matrix.

From: cisco-voip 
[mailto:cisco-voip-boun...@puck.nether.net<mailto:cisco-voip-boun...@puck.nether.net>]
 On Behalf Of Ayoub,Gregory
Sent: Monday, November 14, 2016 12:53 PM
To: cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>
Subject: [cisco-voip] UCCX 11.5 Upgrade Disaster

We recently attempted to upgrade UCCX 10.5 -- > 11.5.  The deployment was HA, 
and we didn’t see much risk.   The upgrade went fairly smooth, and we hit a 
finesse bug which required the ECDSA COP file.  While minor, it’s still not 
mentioned in the release notes.

The real shocker was 4 hours later when the system stopped accepting calls and 
just handed out fast busys.  Failing over to the secondary would fix the issue 
for a few minutes, but then fast busy.

Our entire contact center, which is HA, was entirely down.  Primary down, 
Secondary Down, and TAC was unable to resolve after hours and hours.  It was a 
total unmitigated Cisco disaster.

Rolling back fixed the problem.  And then rolling forward again to 11.5 the 
system worked great again – but only for 4 hours.  Then endless fast busys.  We 
rolled back and are on 10.5 working fine.  But we are at a loss what could be 
causing this problem.  Cisco TAC is in the same boat.

If I had to guess, that seems like more of a licensing failure, because TAC 
even tried replacing our license.   Anyone have a similar experience?

Thanks Greg.






Disclaimer

The information contained in this communication from the sender is 
confidential. It is intended solely for use by the recipient and others 
authorized to receive it. If you are not the recipient, you are hereby notified 
that any disclosure, copying, distribution or taking action in relation of the 
contents of this information is strictly prohibited and may be unlawful.

This email has been scanned for viruses and malware, and may have been 
automatically archived.

_______________________________________________
cisco-voip mailing list
cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip


NOTICE OF CONFIDENTIALITY:  
The information contained in this email transmission is confidential 
information which may contain information that is legally privileged and 
prohibited from disclosure under applicable law or by contractual agreement.  
The information is intended solely for the use of the individual or entity 
named above.  
If you are not the intended recipient, you are hereby notified that any 
disclosure, copying, distribution or taking of any action in reliance on the 
contents of this email transmission is strictly prohibited.  
If you have received this email transmission in error, please notify us 
immediately by telephone to arrange for the return of the original transmission 
to us.

_______________________________________________
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip