
Configuring Secure SRST for SCCP and SIP
How to Configure Secure Unified SRST
195
Cisco Unified SCCP and SIP SRST System Administrator Guide
OL-13143-04
Troubleshooting Credential Settings
The following steps display credential settings or set debugging on the credential settings of the
Cisco Unified SRST Router.
SUMMARY STEPS
1.
show credentials
2.
debug credentials
DETAILED STEPS
Related Commands
Use the following commands to show if a certificate cannot be found (you are missing a certificate that
you are trying to authenticate) or to show that a particular certificate has matched (so you know what
certificate the router used to authenticate a phone):
•
debug crypto pki messages
•
debug crypto pki transactions
Importing Phone Certificate Files in PEM Format to the Secure SRST Router
This task completes the tasks required for Cisco IP Unified Phones to authenticate secure SRST.
Command or Action
Purpose
Step 1
show credentials
Example:
Router# show credentials
Credentials IP: 10.1.1.22
Credentials PORT: 2445
Trustpoint: srstca
Use the
show credentials
command to display the
credential settings on the Cisco Unified SRST
Router that are supplied to Cisco
Unified Communications Manager for use during
secure Cisco Unified SRST fallback.
Step 2
debug credentials
Example:
Router# debug credentials
Credentials server debugging is enabled
Router#
Sep 29 01:01:50.903: Credentials service: Start TLS
Handshake 1 10.1.1.13 2187
Sep 29 01:01:50.903: Credentials service: TLS
Handshake returns OPSSLReadWouldBlockErr
Sep 29 01:01:51.903: Credentials service: TLS
Handshake returns OPSSLReadWouldBlockErr
Sep 29 01:01:52.907: Credentials service: TLS
Handshake returns OPSSLReadWouldBlockErr
Sep 29 01:01:53.927: Credentials service: TLS
Handshake completes.
Use the
debug credentials
command to set
debugging on the credential settings of the Cisco
Unified SRST Router.