cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

AMA-CUCM Troubleshooting: Best Practices for Reading Trace Files

1029
Views
0
Helpful
8
Replies

Set Parameter in Unified Contact Center Express

Where can I set the enterprise parameter "HTTPS Ciphers" to "All Supported EC and RSA Ciphers" as shown on the CSR generation site of UCCX ?

Everyone's tags (1)
8 REPLIES 8
Rising star

In UCCX 11.5, it's set that

In UCCX 11.5, it's set that way by default apparently.  I'd like to turn it off so that this cert isn't needed/used, but cannot find any way to access enterprise parameters in UCCX.  

Rising star

And apparently it's required

And apparently it's required (based on this document):

http://www.cisco.com/c/en/us/support/docs/customer-collaboration/unified-contact-center-express/118855-configure-uccx-00.html

There's a note in there that says:

Note: When you use UCCX 11.5 and later, there is a new certificate for tomcat-ECDSA. When you use CA signed certificates, ensure that the CSR is downloaded for this certificate as shown previously and the application certificate for tomcat-ECDSA is uploaded into the tomcat-ECDSA as explained in the previous procedure. This is required for the Live Data functionality which uses Socket IO from UCCX 11.5

Apparently once again it was decided that the customer could not decide for themselves whether or not this was wanted or needed, and there appears to be no way to turn this off in UCCX. 

Hi Clifford McGlamry

Hi Clifford McGlamry

With your Explanation I understand the message on the CSR site..but there is still something I don’t understand.
Why does the live statistic of our agents still showing up, even if the tomcat-ECDSA is not uploaded?

Do I need to generate it or not?

Rising star

 There was a thread on PUCK

 There was a thread on PUCK that described this quite well.  Problem is it had images that will not paste into the body of the message on this board.  I copied it into a PDF file and am attaching it to this note.  Highly recommend you look it over...especially the first table.

 

 

Rising star

Bottom line, if you're using

Bottom line, if you're using signed certs for Tomcat, yes, you need to do this one as well.  Be advised that this is NOT an RSA cert.  It uses a new type of cyper called Elliptec Curve (or EC).  Make sure that the CA generates it correctly or you will have issues (see the table in the PDF in the message above.

For the moment we have a

For the moment we have a certificate combination/Webserver (RSA CA signed Tomcat, self signed Tomcat-ECDSA like the PDF above shows) and the LD shows up normal without additional certificate or cop. installation.

How is this possible?

Enthusiast

Re: For the moment we have a

Did you ever find where to set the Enterprise paramaters?

Highlighted
Participant

Re: For the moment we have a

I can't find it either.  I'm guessing there's not actually an Enterprise Parameters in CCX

CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards