Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2667
Views
10
Helpful
2
Replies

Regenerate WSM certificate on CVP Call server

shreyashdadheech
Level 1
Level 1

‎07-28-2021 07:19 AM

Hi All,

 

Could anyone please help me re-generating the WSM self-signed certificate on CVP call server. 

After an upgrade I found out that the Name of the server is incorrect in one of the previous certificates so I need to correct that.

 

Please suggest how can I perform this or is it possible to edit server name in pre existing WSM certificate.

 

Many Thanks

Shreyash Dadheech

Labels:
0 Helpful
2 Replies 2

Ramamoorthy Shanmugam
Level 7
Level 7

‎07-28-2021 10:25 AM - edited ‎08-12-2021 11:26 AM

Hi,

 

Yes, we can delete and recreate. please use the below link and commands. before the start for CVP Standalone & UCCE setup please update CVP Call/VXML/Reporting servers Host name to FQDN in OAMP page and save and deploy.

 

=======================================================================================================
Open a command window as Administrator to run the commands. To view certificate list cmd 


%CVP_HOME%\jre\bin\keytool.exe -storetype JCEKS -keystore %CVP_HOME%\conf\security\.keystore -list 
=======================================================================================================
Step 1. To delete the CVP OAMP, CVP CALL VXML & Reporting servers old self-signed certificates run these commands  ||
=======================================================================================================
===========================
CVP OAMP (UCCE deployment)||
===========================
%CVP_HOME%\jre\bin\keytool.exe -storetype JCEKS -keystore %CVP_HOME%\conf\security\.keystore -delete -alias wsm_certificate
%CVP_HOME%\jre\bin\keytool.exe -storetype JCEKS -keystore %CVP_HOME%\conf\security\.keystore -delete -alias oamp_certificate
==========================
CVP CALL & VXML Server ||
==========================
%CVP_HOME%\jre\bin\keytool.exe -storetype JCEKS -keystore %CVP_HOME%\conf\security\.keystore -delete -alias wsm_certificate
%CVP_HOME%\jre\bin\keytool.exe -storetype JCEKS -keystore %CVP_HOME%\conf\security\.keystore -delete -alias vxml_certificate
%CVP_HOME%\jre\bin\keytool.exe -storetype JCEKS -keystore %CVP_HOME%\conf\security\.keystore -delete -alias callserver_certificate
=======================
CVP Reporting servers ||
=======================
%CVP_HOME%\jre\bin\keytool.exe -storetype JCEKS -keystore %CVP_HOME%\conf\security\.keystore -delete -alias wsm_certificate
%CVP_HOME%\jre\bin\keytool.exe -storetype JCEKS -keystore %CVP_HOME%\conf\security\.keystore -delete -alias callserver_certificate

=================================================================================
(ii) Generate the new self-signed certificates with the FQDN of the CVP servers ||
=================================================================================
===========================
CVP OAMP (UCCE deployment)||
===========================
%CVP_HOME%\jre\bin\keytool.exe -storetype JCEKS -keystore %CVP_HOME%\conf\security\.keystore -genkeypair -alias wsm_certificate -keysize 2048 -keyalg RSA -validity 1895
%CVP_HOME%\jre\bin\keytool.exe -storetype JCEKS -keystore %CVP_HOME%\conf\security\.keystore -genkeypair -alias oamp_certificate -keysize 2048 -keyalg RSA -validity 1895

Reboot the CVP OAMP server.
==========================
CVP CALL & VXML Server ||
==========================
%CVP_HOME%\jre\bin\keytool.exe -storetype JCEKS -keystore %CVP_HOME%\conf\security\.keystore -genkeypair -alias wsm_certificate -keysize 2048 -keyalg RSA -validity 1895
%CVP_HOME%\jre\bin\keytool.exe -storetype JCEKS -keystore %CVP_HOME%\conf\security\.keystore -genkeypair -alias vxml_certificate -keysize 2048 -keyalg RSA -validity 1895
%CVP_HOME%\jre\bin\keytool.exe -storetype JCEKS -keystore %CVP_HOME%\conf\security\.keystore -genkeypair -alias callserver_certificate -keysize 2048 -keyalg RSA -validity 1895

Reboot the CVP call server.
=======================
CVP Reporting servers ||
=======================
%CVP_HOME%\jre\bin\keytool.exe -storetype JCEKS -keystore %CVP_HOME%\conf\security\.keystore -genkeypair -alias wsm_certificate -keysize 2048 -keyalg RSA -validity 1895
%CVP_HOME%\jre\bin\keytool.exe -storetype JCEKS -keystore %CVP_HOME%\conf\security\.keystore -genkeypair -alias callserver_certificate -keysize 2048 -keyalg RSA -validity 1895

Reboot the Reporting servers.
=============================================================
(iii) Export wsm_Certificate from CVP and Reporting servers ||
=============================================================

Command to export the self-signed certificates:

Step 1. Export WSM certificate from CVP Server, Reporting and OAMP server.
===========================================================================
%CVP_HOME%\jre\bin\keytool.exe -storetype JCEKS -keystore %CVP_HOME%\conf\security\.keystore -export -alias wsm_certificate -file %CVP_HOME%\conf\security\wsm_HCVP01.crt
%CVP_HOME%\jre\bin\keytool.exe -storetype JCEKS -keystore %CVP_HOME%\conf\security\.keystore -export -alias wsm_certificate -file %CVP_HOME%\conf\security\wsm_HCVP02.crt
%CVP_HOME%\jre\bin\keytool.exe -storetype JCEKS -keystore %CVP_HOME%\conf\security\.keystore -export -alias wsm_certificate -file %CVP_HOME%\conf\security\wsm_HCVPREP.crt
%CVP_HOME%\jre\bin\keytool.exe -storetype JCEKS -keystore %CVP_HOME%\conf\security\.keystore -export -alias wsm_certificate -file %CVP_HOME%\conf\security\wsm_HCVPOPS.crt

C:\Cisco\CVP\conf\security\wsm.crt from each server and rename it as wsmX.crt depending on the server type.


Step 2. Import WSM certificates from CVP Server and Reporting server into OAMP server.
======================================================================================
%CVP_HOME%\jre\bin\keytool.exe -storetype JCEKS -keystore %CVP_HOME%\conf\security\.keystore -import -alias HCVP01.lab.local_wsm -file c:\cisco\cvp\conf\security\wsm_HCVP01.crt
%CVP_HOME%\jre\bin\keytool.exe -storetype JCEKS -keystore %CVP_HOME%\conf\security\.keystore -import -alias HCVP02.lab.local_wsm -file c:\cisco\cvp\conf\security\wsm_HCVP02.crt
%CVP_HOME%\jre\bin\keytool.exe -storetype JCEKS -keystore %CVP_HOME%\conf\security\.keystore -import -alias HCVPREP.lab.local_wsm -file c:\cisco\cvp\conf\security\wsm_HCVPREP.crt

Reboot the servers

Step 3. Import CVP OAMP server WSM certificate into CVP Server and Reporting servers.
=====================================================================================
%CVP_HOME%\jre\bin\keytool.exe -storetype JCEKS -keystore %CVP_HOME%\conf\security\.keystore -import -alias HCVPOPS.lab.local_wsm -file c:\cisco\cvp\conf\security\wsm_HCVPOPS.crt

Reboot the servers

 

https://www.cisco.com/c/en/us/support/docs/contact-center/packaged-contact-center-enterprise/215664-implement-ca-signed-certificates-in-a-cc.html#anc41

 

https://www.cisco.com/c/en/us/support/docs/contact-center/unified-contact-center-enterprise/215445-exchange-self-signed-certificates-in-a-u.html#anc12

 

Ram.S

 

 

 

Regards,
Ram.S

shreyashdadheech
Level 1
Level 1

‎08-12-2021 09:13 AM

Hi Ram,

 

Thanks for the response.

 

Shreyash

0 Helpful
Customers Also Viewed These Support Documents