I am currently working on a cluster where Tomcat certificates are going to be expired in the coming week, and I am seeking help with the below query's:
We are not using Jabber/Extension Mobility, do I still need to renew the certs between CUCM/CUC nodes?
CUCM_A----SIP----CUC_A (Tomcats will be expired) Do I need to renew for this scenario?
CUCMCluster_A----SIP----CUCMCluster_B (Tomcats will be expired) Do I need to renew for this scenario?
U should renew the certificates.
if self signed certificate you can regenerate the certificate from CUCM.
if CA signed get it signed from CA using the CSR.
Simple answer is that you should NEVER let your system work with expired certificates.
If you don't want to pay for CA certs, or don't want to get internal CA certs, you can just use self-signed certificates.
As to your questions to the call flows and tomcat, strongly suggest you review the documentation related to the usage of each certificate to understand when they're used.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: