Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2171
Views
0
Helpful
8
Replies

Set Parameter in Unified Contact Center Express

raphaelkellerhals
Level 1
Level 1

‎11-08-2016 11:53 PM - edited ‎03-14-2019 04:45 PM

Where can I set the enterprise parameter "HTTPS Ciphers" to "All Supported EC and RSA Ciphers" as shown on the CSR generation site of UCCX ?

1 person had this problem
Labels:
0 Helpful
8 Replies 8

Clifford McGlamry
Spotlight
Spotlight

‎11-13-2016 10:20 AM

In UCCX 11.5, it's set that way by default apparently.  I'd like to turn it off so that this cert isn't needed/used, but cannot find any way to access enterprise parameters in UCCX.  

0 Helpful

Clifford McGlamry
Spotlight
Spotlight
In response to Clifford McGlamry

‎11-13-2016 10:29 AM

And apparently it's required (based on this document):

http://www.cisco.com/c/en/us/support/docs/customer-collaboration/unified-contact-center-express/118855-configure-uccx-00.html

There's a note in there that says:

Note: When you use UCCX 11.5 and later, there is a new certificate for tomcat-ECDSA. When you use CA signed certificates, ensure that the CSR is downloaded for this certificate as shown previously and the application certificate for tomcat-ECDSA is uploaded into the tomcat-ECDSA as explained in the previous procedure. This is required for the Live Data functionality which uses Socket IO from UCCX 11.5

Apparently once again it was decided that the customer could not decide for themselves whether or not this was wanted or needed, and there appears to be no way to turn this off in UCCX. 

0 Helpful

raphaelkellerhals
Level 1
Level 1
In response to Clifford McGlamry

‎11-21-2016 12:06 AM

Hi Clifford McGlamry

With your Explanation I understand the message on the CSR site..but there is still something I don’t understand.
Why does the live statistic of our agents still showing up, even if the tomcat-ECDSA is not uploaded?

Do I need to generate it or not?

0 Helpful

Clifford McGlamry
Spotlight
Spotlight
In response to raphaelkellerhals

‎11-21-2016 07:06 AM

 There was a thread on PUCK that described this quite well.  Problem is it had images that will not paste into the body of the message on this board.  I copied it into a PDF file and am attaching it to this note.  Highly recommend you look it over...especially the first table.

 

 

Preview file
290 KB
0 Helpful

Clifford McGlamry
Spotlight
Spotlight
In response to Clifford McGlamry

‎11-21-2016 07:08 AM

Bottom line, if you're using signed certs for Tomcat, yes, you need to do this one as well.  Be advised that this is NOT an RSA cert.  It uses a new type of cyper called Elliptec Curve (or EC).  Make sure that the CA generates it correctly or you will have issues (see the table in the PDF in the message above.

0 Helpful

raphaelkellerhals
Level 1
Level 1
In response to Clifford McGlamry

‎11-21-2016 08:52 AM

For the moment we have a certificate combination/Webserver (RSA CA signed Tomcat, self signed Tomcat-ECDSA like the PDF above shows) and the LD shows up normal without additional certificate or cop. installation.

How is this possible?

0 Helpful

kenreeves
Level 4
Level 4
In response to raphaelkellerhals

‎09-14-2017 05:54 PM

Did you ever find where to set the Enterprise paramaters?

0 Helpful

shh5455
Level 3
Level 3
In response to kenreeves

‎12-07-2017 11:25 AM

I can't find it either.  I'm guessing there's not actually an Enterprise Parameters in CCX

0 Helpful
Customers Also Viewed These Support Documents