Errors and Troubleshooting

This section provide information about the status codes and how to enable and collect the Certificate Management logs to troubleshoot the API failures or errors.

Status Codes

Error responses from the API generally use standard HTTP status codes. The codes in the 2xx range indicate success, codes in the 4xx range indicate an error, and codes in 5xx range indicates the server error. Some examples:

Below example will show error message from one of APIs:

{
   "key": 400,
   "messages": ["Invalid JSON Format"],
   "trackingId": "UC_24aed173-4f10-4a41-9c4f-23e1286daaf5"
}

Troubleshooting

This section help the user to enable and collect the logs, in case the API failed due to some issue.

Enable the Certificate Management Logs from the Serviceability Window

1. From the Unified CM Administration window, choose Cisco Unified Serviceability. Click Go.

2. Choose Trace > Configuration.
   

3. From the Servers column, select the server and click GO.

4. From the Service Group box, select Platform Services and click GO.

5. From the Services box, select the Platform Administrative Web Service and click GO.

6. Check the Trace On check box.

7. If you want the trace to apply to all Unified CM servers in the cluster, select the Apply to All Nodes check box.

8. From the Debug Trace Level field, select Debug.

9. Similarly, From the Services box, select the Platform Communication Web Service and click GO.

Gather the Certificate Management Logs using the RTMT Tool

1. Log into CUCM Administration.
2. Go to Applications, choose Plugins.
   
3. Search and find the Real Time Monitoring Tool.
4. Download the Cisco Unified CM Real-Time Monitoring tool (RTMT).
   
5. Install the RTMT tool.
6. Start the RTMT tool.
7. Enter the address of the CUCM server you want to monitor.
   
8. Log into the server.
9. To collect logs and traces, go to Trace central and double-click Collect Files.
10. Check All Servers for IPT Platform CertMgr Logs, Platform Administrative Web Service and Platform Administrative Web Service.
    
11. On Collect File Options screen, select an Absolute Range approx. 30 min before and after your test run. Zip-ing the files is convenient. Please email or attach to your case using the online TAC case tool.
12. Also provide the trackingId from the response, along with the above logs which will help with debugging.

{
"csr":"-----BEGIN CERTIFICATE REQUEST-----\nMIIC1DCCAbwCAQAwUjELMAkGA1UEBhMCVVMxCjAIBgNVBAgTAWkxCjAIBgNVBAcT\nAWkxCjAIBgNVBAoTAWkxCjAIBgNVBAsTAWkxEzARBgNVBAMTCnNqdm0yMC0xNTAw\nggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEHked2rjzAvxPMg0lLpOG\ne3h2ZDy6QUg2331b+KQgGGGduYt+Va5NpEbsQQzDX/jsBYOOGqsOtcTrdmgvppOZ\n6f4fqM1JqzzKkxK6oOKlvGP7IROmrTBL94WHpSyGDk9snkxlSm6oPOVFDDyUfqVr\nUmkt+JSGcpFSiKFP1ef9eSgoWduikkBm0ZcOH7urjA+Xjfdn/ZBHvjYiQYh2LX0i\nJ6VjpsG1HbGhKecUJ8f7j/cs9NWNpouTQAHA6cw/FRDQV7mlx5Z8w3eLhDA+9Tqu\nB2bwHu0wDwx9cDtox9ZMruRX3zaDYmn4ewaSSMcZMCUTDkd+E7FxDtRPcnOw/ruP\nAgMBAAGgPTA7BgkqhkiG9w0BCQ4xLjAsMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr\nBgEFBQcDAjALBgNVHQ8EBAMCBLAwDQYJKoZIhvcNAQELBQADggEBABE1HWomTzKM\nMFdNy0hZx90fVKs+0/Ok5cPClqD/tvoyRnzjlwRTi/rDA5Emf/Om4L6MEkKywzDm\nYgPpEj1JLAzOF8EOb+gpW9mQvKorPAA3MUJgJv8YQ7mZCxIxq2ne5fMkxvZLkMCX\nnnNBl3sUNhlgzqZz0cwJAz27A4R0gnNz7nUJVsH/o4d2g11HSk7pr/4GQIP1Sjfr\nvo+QJvcYY6Y/mymQjDlPe88Iwq/L2gNgRBqSFx65QIqSmIaZdX0rIf/0efuHenTk\nh3t/98Slxa2j2naUHq/IM8Z702sL57T5qnnkVafKA4GfIlcSorx1SSzt8P+/Mydj\n/5qP2xAFqRI=\n-----END CERTIFICATE REQUEST-----\n",
"trackingId":"UC_91ba97af-284d-4108-bc4d-27695797c41b"
}

Gather the Certificate Management Logs using the remote account (incase RTMT is not available)

Location of logs on the server are:

1. /var/log/active/tomcat/logs/platformcom/log4j/
2. /var/log/active/tomcat/logs/platform-api/log4j
3. /var/log/active/platform/log/certMgmt*