Re: Certificate Deletion on CUCM 12.5

DuBu · ‎12-01-2022

Hi

We see a lot of alerts being generated for Expired Certificates. ALl of the certs are renewed and we would like to delete the expired ones. Could someone suggest the services we would need to restart after deleting the expired certs?

Certificates expired and need to be deleted

CallManager-Trust --> I believe a restart of the CCM and TFTP service is needed. Is that correct?

Tomcat-Trust--> restarting tomcat service should be fine?

CAPF-Trust--> The CAPF and CAPF-trust is renewed. Deleting the old certificate would need restarting of any services?? We are using a Mixed Mode Cluster

Phone-SAST-Trust--> This is also renewed. Would any service need to be restarted after deleting the expired cert?

Thanks in advance

b.winter · ‎12-01-2022

Google or forum search is your friend.
There are hundreds of posts when you search for "CUCM certificate".

E.g.:
https://community.cisco.com/t5/ip-telephony-and-phones/regeneration-of-expired-all-certicates-on-communications-manager/td-p/2928284
With a link in there:
https://www.cisco.com/c/en/us/support/docs/unified-communications/unified-communications-manager-callmanager/200199-CUCM-Certificate-Regeneration-Renewal-Pr.html

Roger Kallberg · ‎12-01-2022

This document outlines the services you need to restart for each certificate. Cisco UC Certificates Renewal Guide

Nithin Eluvathingal · ‎12-03-2022

The Guides, other member shared explains well services to be restarted. Below mentioned is a cheatsheet for certificates.

https://defaultgateway.org/2021/07/01/cucm-certificate-regeneration-cheatsheet/