cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
1440
Views
35
Helpful
21
Replies
raziel78kain
Explorer

CUCM 8.x: self-signed certificates expiring

Hello,

we have a CUCM 8.x cluster (made by 3 servers).

We have noticed that the self-signed certificates are going to expire.

Since we have seen that there are several certificates to regenerate (tomcat, ipsec, CallManager, CAPF, TVS), and since we have read around that we could have issues with the devices  interacting with the CUCM (first of all the phones, but even other servers, Cisco and not) if we don't regenerate them correctly, we would like to know the right procedure to regenerate them on all the servers, and to update them on the various devices.

TIA and regards.

21 REPLIES 21

Hello! Thanks for good suggestion. Great Video!

I understand a bit more about certificates involved in UC infrastructure now.

I still have some doubts about impacts on production environments when expecially callmanager.pem certificate expires

Thanks

Giovanni

Hi Jaime,

I can't access that video with my account, is it found elsewhere?

Jaime Valencia
Hall of Fame Cisco Employee

I'm afraid not, the video is in PEC (Partner Education Connection), which means a CCO associated to a Cisco partner is required to access it.

HTH

java

if this helps, please rate

Hello Jaime,

I've found the PDF showed on that video:

https://salesconnect.cisco.com/#/content-detail/ab5ace36-2e9e-472a-9a74-604277e586ed

I've a question for you regarding the page 85/112 (Avoiding phone trust list update failure): What does the author mean with "Track phone(s) not registered to the cluster before regenerating ccm+tftp, tvs certificate"?

Thanks and regards.

Hi raziel,

The link doesn't work, any chance you can provide the name of the PDF/presentation?

Hello Nadav,

try to:

  • go on https://salesconnect.cisco.com/#/
  • search "piw certificate management pdf"

Regards.

Hello Jaime,

do you have any comment about the page 85/112 (Avoiding phone trust list update failure) of the document showed on that video (https://salesconnect.cisco.com/#/content-detail/ab5ace36-2e9e-472a-9a74-604277e586ed)?

In particular, what does the author mean with "Track phone(s) not registered to the cluster before regenerating ccm+tftp, tvs certificate"?

Thanks and regards.

Create
Recognize Your Peers
Content for Community-Ad