cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
27524
Views
55
Helpful
23
Comments
Jaime Valencia
Cisco Employee
Cisco Employee

 

Through this video, I'll show you how to configure a Microsoft CA, running over a Windows 2012 Std server, to sign the tomcat certificate from CUCM.

I will assume you have already configured and installed the CA, if you need assistance on that topic, there's plenty of material on the web, you can use this as a reference:

https://technet.microsoft.com/en-us/library/cc731183.aspx

You might also want to change the validity period for your CA, if you're going to do this, I strongly recommend you do it right after you install your CA

https://support.microsoft.com/en-us/kb/254632

The keys mentioned in the above are still valid in newer releases.

Also, very important, bear in mind SHA1 has been deprecated, when you configure the CA, you should choose other option, I'm using SHA256 in my lab.

If you're going to be doing multi-server certificates and have public CA sign them, review the bugs mentioned in the Cert FAQ below, specially if you're on 10.5(x), as of November of this year, new changes in the procedure require all domains to be signed to be public domains, and the multi-server option will cause an error.

Any questions, comment, etc. you can reach me at javalenc@cisco.com

23 Comments
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links