Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
522
Views
0
Helpful
2
Replies

Generating csr CUCM-Tomcat before and after mixed-mode enabled

luis.bastardo
Level 1
Level 1

‎03-18-2020 12:48 PM

Hello,


I generated CRS for a cluster of cucm with Multi-SAN and the CSR are signed by CA public, the callmanager and tomcat certificate.

 

Now, the customer wants to secure signaling and media, so the cluster will pass a mixed-mode.

 

The question is, the csr, when the cluster pass to a mixed-mode, they will change? I must sign them again?

 

Regards.

0 Helpful
2 Replies 2

Jaime Valencia
Cisco Employee
Cisco Employee

‎03-18-2020 02:31 PM

Have you reviewed the documentation on enabling mixed mode on CUCM??

HTH

java

if this helps, please rate
0 Helpful

Maren Mahoney
VIP
VIP
In response to Jaime Valencia

‎03-19-2020 10:08 AM

Jaime is right, be sure to read and re-read the documentation on enabling mixed-mode in CUCM. (And do a Google search on tips and trick to help clarify.)

If you have not added or rebuilt any nodes since your existing certificates were issued, and if you are using the same Multi-SAN parameters, and if you are signing additional certificates with the same CA, then only 'additional' certificates would need to be signed and you should be able to continue to use the ones already signed.

Read the Security Guide for your version of CUCM. There is a chapter on CTL setup. Also do a search through the security guide for "mixed" to view additional caveats to changing to mixed mode (and there are plenty!).

Maren

0 Helpful
Customers Also Viewed These Support Documents