Solved: CUCM 7.1 and CUC 8.6 Secure LDAP Server certificates

David.Pellat · ‎05-06-2012

Dear All,

We are looking to integrate our callmanager and Unity connection with a new MS AD global catalogue server. I understand that i need to import a new certificate via the Cisco Unified OS amministration in the respective servers. I have found the process on how this is acheived and it seems pretty straight forward. how do i generate/obtain the correct certificate to install? Is there a process or a specific certificate name that i should be requesting from the MS AD Administrator? Is there any documentation on this?

Thanks

David

Joseph Martini · ‎05-07-2012

The easiest way to determine what certificate you need is by connecting to the port you're using with openssl to show what certificate the service is presenting. Most likely you're using 3269 since it's a global catalog and secure.

Example:

openssl s_client -connect x.x.x.x:3269

This will show on the console what certificate the AD server is presenting and by matching up the serial number from the openssl output you can find the same certificate on the AD server.

View solution in original post

Joseph Martini · ‎05-07-2012

The easiest way to determine what certificate you need is by connecting to the port you're using with openssl to show what certificate the service is presenting. Most likely you're using 3269 since it's a global catalog and secure.

Example:

openssl s_client -connect x.x.x.x:3269

This will show on the console what certificate the AD server is presenting and by matching up the serial number from the openssl output you can find the same certificate on the AD server.