Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1139
Views
10
Helpful
5
Replies

Creation & Installation of SSL Certificates on Cisco UC Apps so that users who access UC Apps user page do not receive a certificate error.

rishi.raj.s
Level 1
Level 1

‎08-21-2015 11:44 AM - edited ‎03-17-2019 04:04 AM

Hi Experts,

I would like to request you all to please help me understand the SSL Certificate requirements needed for the below Cisco UC apps (all latest versions) so that users who access UC Apps user page do not receive a certificate error:

 

CUCM 10.5

CUC 10.5

IMP 10.5

Jabber Guest

WebEX Admin 2.5

WebEX IRP 2.5

UCCX 10.5

VCS-C 

VCS-E

Cisco Paging

Tandberg TS

Tandberg Conferencing

 

I am not sure what steps are needed to successfully configure and deploy this. Also, I hear there is a cost involved when installing third party SSL certs, what is that? On researching I came across two names, Digicert and VeriSign, how can these help me?

I would appreciate if someone can help me with entire process and complete explanation?

Labels:
0 Helpful
5 Replies 5

Jaime Valencia
Cisco Employee
Cisco Employee

‎08-21-2015 11:51 AM

Read this

https://supportforums.cisco.com/document/30501/cucm-uploading-ccmadmin-web-gui-certificates

Yes, if you want to use public CA certs, it will have a cost, if you want to use an internal CA, it might be free, depending on your choice. If you have Windows servers, you can simply enable them and use them.

The actual procedure is very simple, generate a CSR, sign it, or send it to the public CA to sign, install the root (and intermediate certs if applicable) into the tomcat-trust, then upload the server cert.

 

HTH

java

if this helps, please rate

rishi.raj.s
Level 1
Level 1
In response to Jaime Valencia

‎08-21-2015 12:20 PM

Jaime,

Thanks for your response.

The document you referred is very useful. I will go through it.

Also, I would like to re-quote my query as below:

What are End-user SSL Certificate requirements for:

CUCM

CUC

IMP

Jabber Guest

WebEX Admin

WebEX IRP

UCCX

VCS-C

VCS-E

Cisco Paging

Tandberg TS

Tandberg Conferencing

 

So they do not get the “Untrusted Site Error Message” when the end-users interact with the site.

I understand that CUCM and IMP can use the same SAN SSL cert on CUCM 10+.

 

Can anybody provide me with some sort of list that describes all the SSL requirements for each of the UC Apps mentioned above?

0 Helpful

Jaime Valencia
Cisco Employee
Cisco Employee
In response to rishi.raj.s

‎08-21-2015 01:03 PM

Assuming you're only talking about the tomcat certs, all the end user needs, is the root (and intermediate certs, if applicable) to be in their PC, and to type in the CN that will be in the cert when trying to use the web interface.

HTH

java

if this helps, please rate
0 Helpful

rishi.raj.s
Level 1
Level 1
In response to Jaime Valencia

‎08-24-2015 02:34 AM

Hi Jaime,

So basically for end users to not receive the "certificate error: Untrusted Site Error Message", I need to perform below steps:

1.  Verify Hostname and Settings
2.  Generate and Download CSR
3.  Submit CSR to CA
4.  CA Approves CSR
5.  Server Admin Downloads Issued Cert
6.  Server Admin downloads CA Cert
7. Server Admin Uploads Root Certificate(s) as tomcat-trust
7b.  Uploading an intermediate certificate
8.  Server Admin Uploads Identity Certificate as tomcat
9.  Restart Tomcat

Are these steps also valid for CUCM 10.5 and rest of the components I listed above?

Thanks..

0 Helpful

rishi.raj.s
Level 1
Level 1
In response to rishi.raj.s

‎08-25-2015 12:01 PM

I was able to research on the SSL requirements required for all the UC apps I mentioned in this discussion.

Please find the attachment.

Hope this helps someone else as well.

Thanks,

Rishi Raj Singh

Preview file
313 KB
Customers Also Viewed These Support Documents