The CUCM OS Administration guide lists the CSRs for Cisco Unified Communications Manager, Tomcat, and IPsec use the following extensions:
This is updated from previous releases and I need to know if this is actual or a typo. Most all of our customers use a Microsoft Certificate authority internal to sign tomcat.
The "Key Usage" doesn't look correct. Using a Microsoft CA the documentation should show "Key Encipherment, Data Encipherment OR Key Agreement". You don't get a choice to do all three, you must choose Key Agreement or Key Encipherment.
Now there is a 5th key usage listed in the documentation "certificate sign". How do I add this because a certificate for signature and encryption is not going to be enabled for certificate signing purposes.
I need to figure out these requirements ASAP because of a tight roll-out on the Jabber and needing signed certificates to eliminate the certificate prompts. I want to make sure my certificate requests are proper.
Thanks!