Cisco Community
English
Register
How do YOU and your teams use messaging in Webex? Let us know for a chance to win some Webex swag!
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
361
Views
0
Helpful
2
Replies
VishalGupta8467
Beginner
Beginner
‎10-07-2020 06:18 AM
‎10-07-2020 06:18 AM

CA Signed TOMCAT expired, need advice on renewal

Hi All,

 

I am currently working on a cluster where Tomcat certificates are going to be expired in the coming week, and I am seeking help with the below query's:

 

We are not using Jabber/Extension Mobility, do I still need to renew the certs between CUCM/CUC nodes?

CUCM_A----SIP----CUC_A (Tomcats will be expired) Do I need to renew for this scenario?

CUCMCluster_A----SIP----CUCMCluster_B (Tomcats will be expired) Do I need to renew for this scenario?

 

CUC/CUCM 10.5

 

Thanks

0 Helpful
2 REPLIES 2
Nithin Eluvathingal
VIP Mentor VIP Mentor
VIP Mentor
‎10-07-2020 06:31 AM
‎10-07-2020 06:31 AM

U should renew the certificates. 

 

if self signed  certificate you can regenerate the certificate from CUCM. 

if CA signed get it signed from CA using the CSR.



Response Signature


0 Helpful
Jaime Valencia
Hall of Fame Cisco Employee Hall of Fame Cisco Employee
Hall of Fame Cisco Employee
‎10-07-2020 07:18 AM
‎10-07-2020 07:18 AM

Simple answer is that you should NEVER let your system work with expired certificates.

If you don't want to pay for CA certs, or don't want to get internal CA certs, you can just use self-signed certificates.

 

As to your questions to the call flows and tomcat, strongly suggest you review the documentation related to the usage of each certificate to understand when they're used.

HTH

java

if this helps, please rate
0 Helpful
Latest Contents
Finesse Call Overlap Issue with CVP Unreachable destination ...
Created by Sharath Gudemella on 07-03-2022 12:53 AM
0
0
0
0
Symptoms Cisco Finesse Not Ready - Call Overlap status is very a very common issue seen on Finesse desktop. Agents miss two calls and they are put in Not Ready - Call Overlap status. This is very likely related to CVP server and it's unreachabl... view more
Cisco Meeting Server Deploying Certificates Soon
Created by Meddane on 07-02-2022 11:53 AM
0
0
0
0
Lab 1: Cisco Meeting Server Standalone CertificatesLab 2: Cisco Meeting Server Cluster Certificates with Multi-SANLab 3: Multiple Certificates with Multiple CA ServersLab 4: Cisco Meeting Server Cluster Certificates Advanced ScenarioLab 5: Streamer Servic... view more
Cisco Meeting Server Multiple Certificates and Multiple CA S...
Created by Meddane on 06-28-2022 02:57 PM
0
0
0
0
Certificates are the first step to deploy Cisco Meeting Server, preparing certificate are very important to enable different services. As a VOIP administrator, mastering the concept of certificates is unavoidable Using multiple CA servers, instead of a si... view more
Cisco Meeting Server Clustering and Certificates document
Created by Meddane on 06-24-2022 04:11 PM
0
0
0
0
I just finished to write a comprehensive certificates preparation for Cisco Meeting Server Clustering. Through 60 pages I explained in detail, how to create certificates for database cluster, callbridge cluster, certificate chain for webbridge3, certifica... view more
Route Pattern, Translation Pattern and Transformation Patter...
Created by Meddane on 06-22-2022 10:33 AM
1
5
1
5
Route Pattern, Translation Pattern and Transformation Pattern on Cisco Unified Communication Manager with four use cases.  
Ask a Question
Create
+ Discussion
+ Blog
+ Document
+ Video
+ Project Story
Find more resources
Discussions
Blogs
Documents
Events
Videos
Project Gallery
New Community Member Guide
Related support document topics
Recognize Your Peers
Spotlight Award Nomination
Content for Community-Ad
Webex Community How to Use the Community
NEW Webex Learning Catalog Help Center Share a Product Idea