Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1074
Views
0
Helpful
1
Replies

Could not add "subject alternate name" while generating CSR in CUCM . Incorrect Domain error.

navshriv
Level 1
Level 1

‎05-25-2016 09:22 PM - edited ‎03-17-2019 07:02 AM

In 8.6 version, it was possible to add "CUCMPUB" in "subject alternate name" while generating CSR. In CUCM 11, it seems that it will only take inputs in FQDN format.

This is causing issue while people browse CUCM using ... only hostname , It shows certificate as untrusted.

When people use FQDN like: CUCMPUB.Server.com , the certificate is trusted.

How can we make https://CUCMPUB/ URL as trusted URL while browsing from PC... . In 8.6 , it was resolved by providing "CUCMPUB" in "subject alternate name" while generating CSR.

1 person had this problem
Labels:
0 Helpful
1 Reply 1

Manish Gogna
Cisco Employee
Cisco Employee

‎05-25-2016 10:00 PM

Hi Naveen,

If you are using multiserver certs then this could be the issue

Table 3 Certificates and SAN Entries
Certificate SAN Entries
CSR (Single-Server) CSR (Multiserver)

Tomcat
  • FQDN (or hostname)
  • Network domain (if configured)
  • FQDN of all Unified Communications Manager and IM and Presence Service servers in the cluster
  • Network domains (if configured)
  • Custom values

CallManager
  • FQDN (or hostname)
  • Network domain (if configured)
  • FQDN of all Unified Communications Manager servers in the cluster
  • Network domains (if configured)
  • Custom values

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/rel_notes/10_5_1/CUCM_BK_CE15D2A0_00_cucm-release-notes-1051/CUCM_BK_CE15D2A0_00_cucm-release-notes-1051_chapter_01.html

Manish

0 Helpful
Customers Also Viewed These Support Documents