CWMS certificates

Michael Goethals · ‎10-04-2013

Dears,

I'm wondering if it is possible to put 2 different certificates on the Cisco Webex Meetings Servers.

I need to install for a customer a 50 user deployment with 2 admin machines and 2 IRP machines in HA.

I will work on a split horizon topology.

Questions:

Is it possible to put a certificate from the internal PKI on my admin machines and a certificate from a public authority on my IRP machines ?
If we enable public access is it mandatory to put a public certificate ? (Will it be trusted ?)
Is there anywhere detailed documentation about certificates for CWMS? (no admin or planning guide)

Thank you for your support ,

Michaël

Derek Johnson · ‎10-04-2013

Hello,

1. No, only a single certificate can be uploaded to CWMS as all the pages hosted by CWMS offer the same certificate. This is done by using a wildcard certificate (in deployments where all internal VMs and user pages are on the same domain), or with a SAN certificate that lists all CWMS hostnames in a single cert.

2. It is not mandatory, but unless the certificate is publicly signed it will not be automatically trusted by external Internet visitors.

3. Besides the admin and planning guides, there some details uncovered by the troubleshooting guide for certificate issues, but otherwise no further public certificate documentation:

http://www.cisco.com/en/US/docs/collaboration/CWMS/1_5/Troubleshooting_Guide_chapter_01.html

Derek Johnson

Conferencing TAC

Michael Goethals · ‎10-06-2013

Derek,

Thank you for your quick response.

If i want to implement Dial-in/out with my CUCM, do i have to import my public certificate (wildcard) into the CUCM ?

All my communication needs to be encrypted.

And if I understand the Planning/Administratation guide it is mandatory to import the CUCM certificate into my CWMS and visa versa.

Thank you,

Michaël