Certificates are the first step to deploy Cisco Meeting Server, preparing certificate are very important to enable different services. As a VOIP administrator, mastering the concept of certificates is unavoidable
Using multiple CA servers, instead of a single CA and single certificate, is helpful to fully understand what must be configured between CallBridge and WebBridges.
And this is the purpose of the following scenario I finished recently.
Requirements:
1. The CallBridge service should use the CA-1 Server to sign the CallBridge certificate called CALLBRIDGE.cer.
2. The WebBridge service should use the CA-2 Server to sign the WebBridge certificate called WEBBRIDGE.cer.
3. The CallBridge must use the subordinate CA generated from CA-1 Server.
4. The WebBridge must use the subordinate CA generated from CA-2 Server.
5. Create a Bundle CA Called CB-Bundle.cer for CallBridge service using the Subordinate CA and Root certificate of CA-1 server.
6. Create a Bundle CA called WB-C2W-Bundle.cer for WebBridge service using the Subordinate CA and Root certificate of CA-2 server.
7. Create a certificate chain called WEBBRIDGE-CHAIN.cer for WebBridge3 using the previous subordinate CA, the Root certificate of CA-2 server and the WebBridge certificae.
8. Make sure that the CallBridge service will trust only the WebBridge certificate chain signed by only the certificate WB-C2W-Bundle.cer.
9. Make sure that the WebBridge service will trust only the CallBridge's certificate signed by only the certificate CB-Bundle.cer.