Articles in this section

See more

SSL Error from CUCM

Avatar
DevNet Support
Updated
Follow

We are writing to ask about how to solve the problem that we encounter when we are trying to develop the sample of Cisco API application.

 

We have tried to run the sample of Cisco API sample application from the DevNet form.

Here is the link of the sample that we've tried and followed:

https://developer.cisco.com/site/extension-mobility/learn/sample-apps/index.gsp

 

 

package asd;

 

 

import java.io.*;

import java.net.*;

import javax.net.ssl.*;

import java.security.*;

import java.security.cert.X509Certificate;

import java.net.URLEncoder;

import javax.xml.ws.Service;

import javax.net.ssl.TrustManagerFactory;

 

 

 

 

public class asdf {

 

 

 

  public static void main(String[] args) throws Exception {

  //EM API service URL on Unified CM host host.com

  //Note this sample assumes the certificate for the host with subject

  //name 'cucm-host.com' has been imported into the Java keystore

  //To test with insecure connection use the URL as http://cucm-host.com:8080/emservice/EMServiceServlet

  URL url = new URL("https://192.168.10.11:8443/emservice/EMServiceServlet");

  

  //Create a java.net URLConnection object to make the HTTP request

  URLConnection conn = url.openConnection();

  //setDoOutput=true causes the URLConnection to perform a POST operation

  conn.setDoOutput(true);

  //The request body will be in HTTP form encoded format

  conn.setRequestProperty("Content-Type","application/x-www-form-urlencoded");

  

  //Build a string containing the contents of the E/M API XML request - here 'login'

  String EMRequest = "<request><appinfo><appid>operator</appid><appcertificate>operator</appcertificate></appinfo>";

  EMRequest += "<login><devicename>SEP000000000001</devicename><userid>user01</userid><deviceprofile>EM-USER01</deviceprofile>";

  EMRequest += "<exclusiveduration><time>60</time></exclusiveduration></login></request>";

  //URL encode/escape the request

  EMRequest = URLEncoder.encode(EMRequest,"UTF-8");

  //Build the complete HTTP form request body

  EMRequest = "xml="+EMRequest;

  

  //Create an OutputStreamWriter for the URLConnection object and make the request

  OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());

  writer.write(EMRequest);

  writer.flush();

  

  //Read the response

  BufferedReader reader = new BufferedReader(new InputStreamReader(conn.getInputStream()));

  

  //Output the response to the console

  String line;

  while ((line = reader.readLine()) != null) {

  System.out.println(line);

  }

  

  //Cleanup the stream objects

  writer.close();

  reader.close();

 

 

  }

 

 

 

 

  private static void disableSslVerification() {

     try

     {

         // Create a trust manager that does not validate certificate chains

         TrustManager[] trustAllCerts = new TrustManager[] {new X509TrustManager() {

             public java.security.cert.X509Certificate[] getAcceptedIssuers() {

                 return null;

             }

             public void checkClientTrusted(X509Certificate[] certs, String authType) {

             }

             public void checkServerTrusted(X509Certificate[] certs, String authType) {

             }

         }

         };

 

 

         // Install the all-trusting trust manager

         SSLContext sc = SSLContext.getInstance("SSL");

         sc.init(null, trustAllCerts, new java.security.SecureRandom());

         HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

 

 

         // Create all-trusting host name verifier

         HostnameVerifier allHostsValid = new HostnameVerifier() {

             public boolean verify(String hostname, SSLSession session) {

                 return true;

             }

         };

 

 

         // Install the all-trusting host verifier

         HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);

     } catch (NoSuchAlgorithmException e) {

         e.printStackTrace();

     } catch (KeyManagementException e) {

         e.printStackTrace();

     }

  }

 

}

 

 

 

We have followed the steps, but we can not solve the SSL error:

Exception in thread "main" javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present

at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)

at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1937)

at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)

at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)

at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1478)

at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:212)

at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)

at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)

at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1050)

at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1363)

at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1391)

at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1375)

at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)

at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)

at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1282)

at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1257)

at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250)

at asd.asdf.main(asdf.java:41)

Caused by: java.security.cert.CertificateException: No subject alternative names present

at sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:144)

at sun.security.util.HostnameChecker.match(HostnameChecker.java:93)

at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:455)

at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:436)

at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:200)

at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)

at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1460)

... 13 more

 

This walk-through for another CUCM web services API (AXL) describes the generic steps for importing a certificate into a standard Java framework: Cisco AXL

 

If your environment is different or you are still not successful with the sample, you may need to look for general HTTPS/certificate support from the greater Java web community.

 

 

thank you for reply. i solve about certificate issue . But still unsuccessful to do login without errors and showing "Error processing request: null". i already tried

Cisco AXL

but, i have a problem when i did command prompt, there's still error with wsimport is not recognized.

 

On my system (Ubuntu Linux 14.04 64bit) with Oracle Java 1.7 installed and everything set at default, wsimport is located in:

/usr/lib/jvm/java-7-oracle/bin

 

Note, this is different from the usual Java bin directory, e.g.: /usr/lib/jvm/java-7-oracle/jre/bin/

 

If wsimport is not in  your system path (e.g. using Windows), you may need to add it to the path, or change to your $JAVA_HOME/bin/ directory in order to execute wsimport.

 

Comments

0 comments

Please sign in to leave a comment.