05-03-2021 08:08 AM
I have question regarding the trust certificates. We have 5 nodes in our cluster, 3 cucm and 2 presence nodes.
All the tomcat certificates are internal CA signed. Tomcat cert is expiring in one of the presence nodes, we will submit a CSR and get CA signed.
After getting the new certificate, do we need to upload the same certificate as "tomcat-trust" on other nodes?
Root and intermediate certificates are already present in all the nodes.
Can someone please explain how trust certificates work for CA signed certs?
Solved! Go to Solution.
05-03-2021 08:34 AM
Look at this document for details on how to manage certificates in UC systems. Cisco UC Certificates Renewal Guide
05-03-2021 08:18 AM
if you are signing a tomcat cert you upload the signed certificate as tomcat certificate.
Root/intermediate certificate from the CA will be uploaded as the tomcat trust.
If you have the CA/intermediate in tomcat trust you don’t need to upload the CA again.
05-04-2021 02:58 AM
and all other nodes should have the CA/intermediate certs in their tomcat-trust?
05-04-2021 03:59 AM
You would upload these certificates on the Pub and it will distribute it to the other nodes in the cluster.
05-03-2021 08:34 AM
Look at this document for details on how to manage certificates in UC systems. Cisco UC Certificates Renewal Guide
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide