08-05-2014 05:14 PM - edited 03-16-2019 11:38 PM
When I click on Callamanger and select Generate CRS, there is a field in the popup called Domain name which shows the companyname.com.
In 10.5, I was told that this is required. Anyone cares to explain in more details?
Also, I noticed that there is callmanager and there is also tomcat from Certificate Management. I select callmanager and use that to generate CSR and I submit it to a 3rd party CA. If I repeat the same process but this time selecting tomcat, the 3rd party CA will complain of a duplicate. Ideas? or callmanager alone is good?
My goal is to encrypt calls
Solved! Go to Solution.
08-07-2014 10:41 AM
DId you follow the guide below?
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/security/10_0_1/secugd/CUCM_BK_C68276B4_00_cucm-security-guide-100/CUCM_BK_C68276B4_00_cucm-security-guide-100_chapter_0100.html
08-07-2014 11:19 AM
George,
Which parts as I am not using client token as this is 10.5?
08-07-2014 11:20 AM
In your case, the CLI part. However i would read this guide fully to understand mixed mode cluster security.
08-07-2014 11:25 AM
Here's the highlevel overview of what I did
1) CUCM is in non-scure mode
2) Download callmanager CSR and sent to Verisign
3)Received callmanager.CER from verisign
4)Uploaded it by selecting callmanager-trust. If I select callmanager, I get an error about store
5)rebooted the server
6)enabled mixed mode via CLI
7)Rebooted the server
This is the time I tried to go to the IE certifcation path and didnt get that same tree you have
08-07-2014 12:07 PM
08-07-2014 10:52 AM
Do I need to download this root and intermediate cert from the OS admin of CUCM or that is from the pic you sent wherein I do it in the IE browser connected to my CUCM?
08-07-2014 10:55 AM
Can you send me the cert somehow? Fileshare or PM me via the community?
08-07-2014 12:04 PM
How do I PM you? Been trying to do that
08-06-2014 09:51 PM
Hello
you have to generate intermediate certificate from Root certificate. After this you have to upload CA to tomcat-trust , the upload the certificate .cer to trust tomcat after you uploaded it CUCM changes the name of the file to <SUBJECT CN>.pem. . Kindly check the below links:-
http://www.cisco.com/c/en/us/support/docs/voice-unified-communications/unified-communications-manager-version-60/112108-sslcert-cucm-00.html
https://supportforums.cisco.com/document/30501/cucm-uploading-ccmadmin-web-gui-certificates
https://supportforums.cisco.com/document/91906/high-level-view-certificates-cucm
Thanks
please rate all useful information
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide