• The CSRs for Cisco Unified Communications Manager, Tomcat, and IPsec use the following extensions:X509v3 extensions:
X509v3 Key Usage:
•Digital Signature, Key Encipherment, Data Encipherment, Key Agreement, Certificate Sign
X509v3 Extended Key Usage:
•TLS Web Server Authentication, TLS Web Client Authentication, IPsec End System
Readhing what each of these does...I highly doubt that this is accurate. First of all, none of Cisco's guides show using anything but Digtial Signature and Key Encipherment for the tomcat cert. Not to mention that you can't even create such a template as above with Windows CA servers without building a custom inf and importing it.....I really doubt that there are many users that have ever done that for their cucm certs.
CUC OS guide states:
•The CAPF CSR uses the following extensions:
X509v3 extensions: X509v3 Key Usage: Digital Signature, Certificate Sign X509v3 Extended Key Usage: TLS Web Server Authentication, IPSec End System
•The CSRs for Cisco Unified Communications Manager, Tomcat, and IPSec use the following extensions:
X509v3 Key Usage: Digital Signature, Key Encipherment, Data Encipherment, Key Agreement X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication, IPSec End System
Clearly different requirements for the tomcat cert than in CUCM. And again bizarre things like Key Encipherment and Key Agreement..which are mutually exclusive in Microsoft CA templates. I simply cannot beleive these are accurate.
My hypothesis is that the CUCM, Tomcat and IPSec certs all need different x509v3 usage templates...but Cisco hasn't bothered to break them out. Can we please get accurate confirmation of what is needed for these certs??? Along with the IOS certs for secure SIP and secure conferencing...clear requirements for VCS would be nice. These seem a bit vauge as well. I think we are at the point where a clear and concise PKI doc for UC may be needed...or at least a very detailed chapter the SRND.
Learn: How to configure Cloud Connected PSTN with Webex Calling
CCP Provider Name
Product Home Page Link
Webex Calling Customer Region
Countries Supported by Provider
Free Trial Link
Contact Provider Link
FR & LU
Meet the Authors Video - Leveraging SBCs to Empower a Changing World of Collaboration
(Live event – Tuesday, 16th, 2020 at 10:00 a.m. Pacific / 1:00 p.m. Eastern / 7:00 p.m. Paris)
This event had place on Tuesday 16th, February 2020 at 10am PST ...
This event had place on Tuesday 16th, February at 9:30am PST
The need for virtual collaboration across individuals, teams, organizations, and industries has been significantly changed with the global challenges presented in 2020. The indust...
Cisco Champion Radio · S8|E8 The Future of Work with Cognitive Collaboration
Cognitive Collaboration brings together intelligence and context throughout all collaboration experiences. Bridging AI and ML capabilities with insight and the context of the me...