06-11-2013 07:29 PM - edited 03-16-2019 05:49 PM
Hi all,
Our CAPF, CallManager, IPsec and tomcat certificates due to expire soon and I would like to know the process to update them. We are running mixed mode using LSCs. I have found information on setting up the CAPF from scratch, but not much to do with updating the current certs.
From what I can gather, the steps should be similar to below...
Can anyone confirm this? Not having a lab environment to test this with, I am hesitant to do so before being able to confirm!
Much appriciated, Thank you.
06-18-2013 07:37 PM
Anyone? Surely someone has come across this scenario before?
07-09-2013 04:07 PM
For anyone else who may come across this issue, the steps below were successful for me...
1. Backup either the full system, or download/backup the current certs
2. Regenerate tomcat.pem
3. Restart tomcat service
4. Regenerate ipsec.pem
5. Regenrate callmanager.pem
6. Regenerate capf.pem
7. (if cluster) Follow the above steps on all the other servers starting with Publisher and then on subs
8. Run the CTL client and update CTL
9. Reboot servers, starting with Pub, then Subs
10. (Using BAT) Set all phones back to...
a. Certificate Operation: install/upgrade
b. Authentication Mode: by null string
c. Save, Apply Config and reset
11. (Using BAT) Set Security-Profile on all phones back to Secure Profile. Save, Apply, Reset.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide