WebEx Node For MCS - Certificate Upgrade

From DocWiki

Revision as of 20:37, 6 June 2013 by Derjohns (Talk | contribs)
Jump to: navigation, search

Contents

Introduction

Cisco has determined that patches related to security certificate needs to be installed by MeetingPlace customers running the Cisco WebEx Node for MCS; in order to ensure secure operation using 2048-bit-certificates between such nodes and the WebEx Node Management System. Failure to install the patch within the timeline outlined below will result in service outage and disruption once the WebEx Node Management System in the Cloud has been upgraded.

Please reference the readme file for each patch for specific install directions and details.



Determining the Version for WebEx Node for MCS

  • Determine WebEx Node for MCS version:
  1. SSH into the WebEx Node for MCS
  2. The SSH session will prompt you for a username. The username to the WebEx node for MCS will always be “wbxadmin”
    • The password for the wbxadmin account would have been configured at the installation of the system.
    • After log in as wbxadmin user on WebEx node, if initial installation was at least 60 days ago, wbxadmin and root user password will expire. Wbxadmin will be prompted to change the password when he logs in after this period, but new, more complex password criteria is enforced.
The password must adhere to the following guidelines 
- Must be at least 14 characters in length
- Must contain at least 2 upper case character (A-Z)
- Must contain at least 2 lower case character (a-z)
- Must contain at least 2 numeric digit (0-9)
- Must contain at least 2 special character (! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~)
- Cannot be the same or similar to the old one
- An example password that meets the above criteria is ""CiscO123!@#123!@#""
  1. Enter the command ""show webex version""
  2. The output of this command should be one of the following:
List Cisco Unified Communications Product
==============================================

Cisco Webex Node 8.0.1.8 ...
List Cisco Unified Communications Product
==============================================

Cisco Webex Node 8.5.2.8 ...

or

List Cisco Unified Communications Product
==============================================

Cisco Webex Node 8.5.5.2 ...

Downloading the Patch for your version of WebEx Node for MCS

  • After determining the MeetingPlace version above, use this version number to identify the specific patch to download.
  • All Cisco downloads require a cisco.com (CCO) login ID.
  • 8.0.1.8 patch downloads are available here:

MP8.0MR1_Patch1_WebExNode_80232.tar.gz

  • 8.5.2.8 through 8.5.5.2 patch downloads are available here:

MP8.5MR3_Patch2_WebExNode_85510.tar.gz

Installation Instructions

All installation instructions are included in the readme files (such as "README_8.0_patch.txt" or "README_8.5_patch.txt") downloaded along with the patch files. They are also linked directly here:

8.0 Patch Readme

8.5 Patch Readme

  1. Open this readme file in a program such as WordPad
  2. Make sure to follow each step within the readme file
  • For deployments with multiple WebEx Nodes for MCS, each node must be patched

FAQ

This section provides information about commonly encountered issues and how to resolve them.


Q: I am receiving a message indicating that my account does not have permissions to download the software. How can the software be downloaded?

  • A: If you experience entitlement issues downloading software with your CCO account, please attach a contract with software download using the Cisco Service Contract Center at http://www.cisco.com/web/services/ordering/cscc/index.html . If you need assistance with this tool, please open a case with the Cisco Service Support Center at http://www.cisco.com/web/siteassets/contacts/international.html and select your country for a local assistance phone number. Based on your contract number, they will be able to assist you. If you have questions about your contract, please reach out to your Cisco Sales contact or Cisco Account team for assistance. Alternately, use another cisco.com ID that has these permissions.

Q: My WebEx Node is a virtual installation on a UCS. Do I still have to apply the Certificate Upgrade?

  • A: Yes. The UCS installation is a virtualized platform for the installation of the WebEx Node for MCS software, and as such the certificate update still applies to it.

Q: Why I am not able to ssh and login as wbxadmin using the correct password?

  • A: If you are not able to ssh and login as wbxadmin with the correct password, the wbxadmin account is locked. This is due to the security policy that locks up wbxadmin after three consecutive unsuccessful login attempts. *The common causes of the lock up include:
    • 3 consecutive login attempts with the wrong password, especially with the STIG enforced password.
    • The sticky keyboard issue with VM clients.
  • If the wbxadmin account is locked, follow these steps to verify and re-enable the account (procedure applies for all versions):

Rating: 4.7/5 (3 votes cast)

Personal tools