Plantronics + Polycom. Now together as Poly Logo

Poly Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Failed to fetch the user certificate error message

jprny
Occasional Visitor
‎03-13-2019 01:24 PM
‎03-13-2019 01:24 PM

Failed to fetch the user certificate error message

I was on version 5.8.0.12848 and all has been working well for a long time.

Starting yesterday, I got the error message "Failed to fetch the user certificate" whenever trying to log in to SFB on the phone or via the web interface.

I upgraded to 5.9.0.9373 and am getting the same error.

 

I can provide logs or backup if required, though it looked like this is a common error.

Appreciate any help.

Thanks.

 

Phone Information

Phone Model VVX 600

Part Number 3111-44600-001 Rev:A

MAC Address 00:04:F2:87:EF:38

IP Mode IPv4

IP Address 192.168.2.4

UC Software Version 5.9.0.9373

Updater Version 5.9.7.11143

Camera Software Version VVX Camera is not connected

Message 1 of 5
0 Kudos
Reply
4 REPLIES 4
jprny
Occasional Visitor
‎03-13-2019 01:33 PM
‎03-13-2019 01:33 PM

Re: Failed to fetch the user certificate error message

Here's the tail of the app log.

FYI, this is Office 365.

Thanks.

-jpr

 

https://login.windows.net/common/oauth2/authorize
https://webdir0a.online.lync.com/WebTicket/WebTicketService.svc/OAuth
https://webdir0a.online.lync.com/WebTicket/WebTicketService.svc
https://login.windows.net/common/oauth2/authorize
http://nexus.microsoftonline-
0313162720|auth |4|00|AuthSvc SOAuth2Error, BaseEventInit restart[0] SfbTokenFetchMethod[3]
0313162720|auth |2|00|S/E(sSOAuth2Error,kBaseEventInit),rO(4)
0313162720|auth |3|00|kEAuthOnRecvDataResponse:Event(4) not found in Transition Table for state sSOAuth2Error
0313162720|auth |2|00|<\SM>(305)AuthServiceOAuthStateMachine(0x440628e8):Ctx((513),(4),Ticks(0))
0313162720|auth |2|00|Policy Dest:(203)AuthServicePolicyFsmKey:(106)AuthServiceOAuthMsgKey:(215)AuthSvcAOFsmReplyKey
Caller Service(-1):IndicationCode(400)Failed to Get oAuth Token
,TransactionID(852856421)
0313162720|auth |2|00|Silent Indication, CallerService(AuthServiceCallerSnooper)
0313162720|auth |2|00|CAuthSvcUpdateTokenNotifier:: UserMode = [False]
0313162720|auth |2|00|Policy Dest:(202)AuthServicePolicyDBKey:(106)AuthServiceOAuthMsgKey:(212)AuthSvcAODBDBIndKey
Caller Service(-1):IndicationCode(400)Failed to Get oAuth Token
,TransactionID(852856421)
0313162720|auth |2|00|<SM>(305)AuthServiceOAuthStateMachine(0x440628e8):Ctx((513),(7)kBaseEventStop,Ticks(0))
0313162720|auth |2|00|<\SM>(305)AuthServiceOAuthStateMachine(0x440628e8):Ctx((513),(-1),Ticks(0))
0313162720|auth |2|00|CAuthSvcUpdateTokenNotifier:: UserMode = [False]
0313162720|auth |2|00|<SM>(304)AuthServiceUTStateMachine(0x440d8850):Ctx((345),(7)kBaseEventStop,Ticks(0))
0313162720|auth |2|00|<\SM>(304)AuthServiceUTStateMachine(0x440d8850):Ctx((345),(-1),Ticks(0))
0313162720|auth |2|00|CAuthSvcUpdateTokenNotifier:: UserMode = [False]
0313162720|auth |2|00|Policy Dest:(202)AuthServicePolicyDBKey:(101)AuthServiceWTMsgKey:(211)AuthSvcAODBIEIndKey
Caller Service(-1):IndicationCode(400)Failed to Get oAuth Token
,TransactionID(852856421)
0313162720|auth |2|00|CAuthSvcUpdateTokenNotifier:: UserMode = [False]
0313162720|auth |2|00|Policy Dest:(202)AuthServicePolicyDBKey:(102)AuthServiceUCMsgKey:(211)AuthSvcAODBIEIndKey
Caller Service(-1):IndicationCode(400)Failed to Get oAuth Token
,TransactionID(852856421)
0313162720|auth |2|00|CAuthSvcUpdateTokenNotifier:: UserMode = [False]
0313162720|auth |2|00|Policy Dest:(201)AuthServicePolicyServiceKey:(102)AuthServiceUCMsgKey:(206)AuthSvcAOServiceReplyKey
Caller Service(-1):IndicationCode(400)Failed to Get oAuth Token
,TransactionID(852856421)
0313162720|auth |2|00|Response(-1)auth,(102)AuthServiceUCMsgKey,(-1)pps,(14),(Expiry,TransactionId,Time,Type):(-1,852856421,1552508840,1)IndicationCode:(400)Failed to Get oAuth Token
0313162720|sip |4|00|TLS-DSK:soWebTicketCbFunc: SoWebTicketCb_ResponseError event triggered from the soWebTicket
0313162720|auth |2|00|Policy Dest:(201)AuthServicePolicyServiceKey:(106)AuthServiceOAuthMsgKey:(206)AuthSvcAOServiceReplyKey
Caller Service(144)AuthServiceCallerSnooper:IndicationCode(400)Failed to Get oAuth Token
,TransactionID(852856421)
0313162720|auth |2|00|Response(-1)auth,(106)AuthServiceOAuthMsgKey,(-1)lyncStatus,(14),(Expiry,TransactionId,Time,Type):(-1,852856421,1552508840,1)IndicationCode:(400)Failed to Get oAuth Token
0313162720|log |5|00|Skipped uploading of failed log file because no of failures are > 4 or last upload failed time is < 60 seconds.
0313162750|sip |5|00|SSL_get_error nLen -1 errno 104 nError 5 = (0)error:00000000:lib(0):func(0):reason(0)
0313162750|sip |4|00|TLS Listen Thread Exit
Message 2 of 5
0 Kudos
Reply
SteffenBaierUK
Polycom Employee & Community Manager Polycom Employee & Community Manager
Polycom Employee & Community Manager
‎03-13-2019 09:57 PM
‎03-13-2019 09:57 PM

Re: Failed to fetch the user certificate error message

Hello @jprny ,

 

welcome to the Polycom Community.

Please ensure you always check the FAQ's and/or utilize the community search before posting any new topics or follow up post’s.

 

Jan 17, 2017 Question:How can I troubleshoot simple Skype for Business, LYNC or Office365 issues?

Resolution: Have a look => here <=

 

Your log does not contain enough information on why the sign in process fails.

Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.

Best Regards

Steffen Baier

----------------
The title Polycom Employee & Community Manager is a community setting and does not reflect my role. I am just a simple volunteer in the community like everybody else. My official "day" Job is 3rd Level support at Poly but I am unable to provide official support via the community.

----------------

Notice: This community forum is not an official Poly support resource, thus responses from Poly employees, partners, and customers alike are best-effort in attempts to share learned knowledge. If you need immediate and/or official assistance please open a service ticket through your proper support channels.
Please also ensure you always check the VoIP , Video Endpoint , Skype for Business , PSTN or RPM FAQ's
Message 3 of 5
0 Kudos
Reply
jprny
Occasional Visitor
‎03-14-2019 06:03 AM
‎03-14-2019 06:03 AM

Re: Failed to fetch the user certificate error message

Thanks.

I enabled debugging and see this more useful error message:

 

0314083242|auth |4|00|parseOAuth2ErrorCodeDetails: csErrorCode[interaction_required] csErrorDescription[AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access.

 

We have had MFA enabled for a long time, so I'm sure why it stopped working. I can't remember if the phone used a regular password or an app password.  I tried the app password and it was reported as incorrect, so I went back to the regular password.

 

I found some support info that said that I have to log in with the "web login", which makes sense.  "web login" was available on the phone itself when I clicked "sign in".  That displayed an MS URL to visit from a web browser and a code to enter.  When I did that, the login worked successfully.

 

Hope this helps someone else.

Thanks

 

 

Message 4 of 5
0 Kudos
Reply
mschulze
Esteemed Contributor
‎03-15-2019 02:21 AM
‎03-15-2019 02:21 AM

Re: Failed to fetch the user certificate error message

Hi @jprny,

Please note that the only form of Multi Factor Authentication currently supported on the VVX is Web Sign-In which is intended for Office 365 use only.

Currently no other Multi Factor Authentication solutions are supported.

Message 5 of 5
Reply