Does adding a tomcat-trust cert REQUIRE restart of the Cisco Tomcat application?
I know that you must restart Cisco Tomcat if you install a new certificate for tomcat, but that seems to be due to the fact that installing a new certificate for tomcat replaces the existing tomcat certificate. And since that certificate is the one which is presented for https connections, it makes sense that a Cisco Tomcat restart would be required for that. Also, that service restart actually happens automatically, from what I've seen.
But what about tomcat-trust? I'm looking to add another CA certificate because my two CUCM clusters are signed by different CAs. So I need to add both CA certs to both CUCM clusters as tomcat-trust, but I want to confirm that adding this certificate will not cause or require a restart of Cisco Tomcat.
It's worth mentioning that this is for the TLS piece of ILS configuration between two clusters.
This suggests that the service does need to be restarted. I will have to do some testing after-hours to determine if the restart of Cisco Tomcat is automatic in this case or if it must be done manually.
I plan to conduct testing to discover what happens if you choose not to execute the restart after installing a tomcat-trust cert. Here are the questions I want to answer:
1. Does SSO still function properly?
2. Would the cert "take effect" or would it be ignored until Cisco Tomcat has been restarted?
These are nitty-gritty questions I'd like to be able to answer and I will post my findings once I have conducted some tests.
If anyone has already messed with this, please do feel free to chime in with your findings. It's worth noting I'm running CUCM 18.104.22.16800-11
The 2021 IT Blog Awards, hosted by Cisco, is now open for submissions. Submit your blog, vlog or podcast by Friday, December 3.
To learn what's new in this year's competition or to gain insights into the judging considerations, check out t...
Greetings, Wanted to share a few lessons learned while migrating from a distributed to centralized IMP deployment. Our current setup included many CUCM/IMP distributed clusters with centralized Expressway server for MRA login. We did not wish to perf...
Parsec's Cisco UCCE/PCCE CC Connector application for CRM works as a bridge between the CRM and Cisco UCCE/PCCE CC solution.The CRM can be any cloud based CRM like Salesforce (SFDC), ServiceNow ,MS Dynamics or a 3rd party CRM.The CRM user/Agent will have ...
It’s a feature which allows CUCM to determine whether the phone is in its home location or a roaming station.By enabling this feature users can roam from one site to another site and acquire the site-specific settings such as Codecs, MRGL, Call rout...