Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
431
Views
0
Helpful
5
Replies

Any impact on phone registration due to CTL/ITL certificate file after uploading CA signed Tomcat certificate

rashmi814
Level 1
Level 1

‎01-24-2017 08:46 AM - edited ‎03-17-2019 09:17 AM

All,

I am in process of configuring certificate based ILS authentication which required Root CA and tomcat certificate needs to be uploaded to CUCM cluster and exchange between cluster. I would like to know after uploading Signed TOMCAT certificate, does phone require new CTL files?

Do I required phone reset to upload new CTL files?

Can you please let me know any impact on service after uploading CA signed certificate.

Thanks,

Labels:
0 Helpful
5 Replies 5

Jaime Valencia
Cisco Employee
Cisco Employee

‎01-24-2017 09:02 AM

Are you running mixed mode with security enabled?

HTH

java

if this helps, please rate
0 Helpful

rashmi814
Level 1
Level 1
In response to Jaime Valencia

‎01-26-2017 02:52 PM

I do not have any security enable in cluster.

0 Helpful

Ayodeji Okanlawon
VIP Alumni
VIP Alumni
In response to rashmi814

‎01-27-2017 02:00 PM

This shouldnt have any impact on the phones and NO you dont need to upload CTL files.  Just be aware that tomcat certs are used by phones for accessing directories and EM. So you need to ensure that the certs are re-signed once they expire.

Please rate all useful posts
0 Helpful

Chris Deren
Hall of Fame
Hall of Fame

‎01-27-2017 05:58 AM

Phones do not use Tomcat certs for anything, so uploading Tomcat certs only requires reset of Cisco Tomcat service and does not do anything to phones.

On a side note there was a Cisco bug dealing with certificate based ILS, I don't have it handy, but it was pretty nasty and I've avoided using cert based ILS authentication and simply have been using password based.

0 Helpful

Ayodeji Okanlawon
VIP Alumni
VIP Alumni

‎01-27-2017 02:15 PM

Hi, CTL files are used for something totally different, so they do not have any impact on tomcat. But be aware that Tomcat certs are used for things like extension mobility and during directory search on cucm UDS directories. So if the tomcat expires these services will be impacted.

Please rate all useful posts
0 Helpful
Customers Also Viewed These Support Documents