Troubleshooting On-premise Telephony SSL Handshake

The inability to save an audio profile is sometimes caused by a failure of the the ssl connection. Here is an example of a pop-up generated by an ssl handshake error using a telephony adaptor:

If the ssl handshake for a telephony adaptor connection fails, check the telephonyservice.conf file in \Connect\10.5.0\TelephonyService\conf

Backup the file and find the System properties definitions:

# System property definitions (-D) ( 50 … 99)
wrapper.java.additional.50=-Dapplication.home=..\TelephonyService
wrapper.java.additional.51=-Djava.endorsed.dirs=..\tomcat\bin
wrapper.java.additional.52=-Dcatalina.base=.
wrapper.java.additional.53=-Dcatalina.home=..\tomcat
wrapper.java.additional.54=-Djava.io.tmpdir=.\temp
wrapper.java.additional.55=-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
wrapper.java.additional.56=-Djava.util.logging.config.file=..\tomcat\conf\logging.properties
wrapper.java.additional.57=-Dlibrary.service=WIN32

Add a line if needed:

wrapper.java.additional.58=-Djavax.net.debug=ssl:handshake

Save and restart the Adobe Connect Telephony service.

In this example case an error was found in the Intercall_Adaptor.log; check the log appropriate to the adapter being used \logs\telephony\

Check the server to server connection (from the Connect server) using the URL in telephony-settings.xml in \TelephonyService\conf\ In this example:

https://iccapi.audiocontrols.net:8443/axis2/services/CCAPI?wsdl

Check or create the TelephonyService.keystore and import the cert if needed:

• Connect\10.5.0\TelephonyService\cert
• Connect\10.5.0\\jre\bin\keytool.exe

From a command prompt (edit install directory location as required):

\Connect\10.5.0\jre\bin>keytool -list -v -keystore C:\Connect\10.5.0\TelephonyService\cert\TelephonyService.keystore

Check the cacerts in \Connect\10.5.0\jre\lib\security\cacerts

Compare from a command prompt (edit install directory location as required):

\Connect\10.5.0\jre\bin>keytool -list -v -keystore C:\Breeze\9.3.1\jre\lib\security\cacerts.txt

Check the SSL entry in the server.xml file in \Connect\10.5.0\TelephonyService\conf

<Connector port=”9443″ protocol=”org.apache.coyote.http11.Http11NioProtocol” SSLEnabled=”true”
sslImplementationName=”org.apache.tomcat.util.net.jsse.JSSEImplementation”
maxThreads=”150″ scheme=”https” secure=”true” sslEnabledProtocols=”TLSv1.2″
keystoreFile=”${catalina.base}/cert/TelephonyService.keystore” keystorePass=”connect”
clientAuth=”false” sslProtocol=”TLS” URIEncoding=”UTF-8″
useServerCipherSuitesOrder=”true”

The logs for each adaptor are depicted by name: \Connect\logs\telephony\-relevant-adaptor.xx.log

The debug log is also often helpful: \Connect\logs\support\debug.xx.log

As is the telephony application log: \Connect\logs\support\apps\_defaultHost_\telephonyProviderTesterApp\instances\7\####\application.xx.log

Note: As a general rule, when sending logs to Adobe Connect Support for scrutiny of a telephony (or any server-side) issue, it is prudent to send all logs (if allowable) by truncating them to focus on the issue at hand:

• Stop all services: AMS, AMG, Connect & Telephony
• Rename or delete all log directories
• Restart all services and recreate the problem being scrutinized
• Stop all services and zip complete log directories focused on the issue at hand and provide them to the support consultant

And along those same lines, entire conf directories and custom.ini file can also will help us locate the source of problems as well:

• C:\Connect\10.5.0\TelephonyService\conf
• C:\Connect\10.5.0\comserv\win32\conf
• C:\Connect\10.5.0\comserv\conf
• \Connect\10.5.0\custom.ini