Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
391
Views
0
Helpful
1
Replies

CUCM and IM&P Certificate Management 10.5

Joshua Warcop
Level 5
Level 5

‎05-14-2014 08:33 AM - edited ‎03-16-2019 10:47 PM

The CUCM OS Administration guide lists the CSRs for Cisco Unified Communications Manager, Tomcat, and IPsec use the following extensions:

 

This is updated from previous releases and I need to know if this is actual or a typo. Most all of our customers use a Microsoft Certificate authority internal to sign tomcat. 

 

 

The "Key Usage" doesn't look correct. Using a Microsoft CA the documentation should show "Key Encipherment, Data Encipherment OR Key Agreement". You don't get a choice to do all three, you must choose Key Agreement or Key Encipherment. 

 

 

Now there is a 5th key usage listed in the documentation "certificate sign". How do I add this because a certificate for signature and encryption is not going to be enabled for certificate signing purposes. 

 

 

I need to figure out these requirements ASAP because of a tight roll-out on the Jabber and needing signed certificates to eliminate the certificate prompts. I want to make sure my certificate requests are proper. 

 

 

Thanks!

2 people had this problem
Labels:
0 Helpful
1 Reply 1

oskar.widecki
Level 1
Level 1

‎08-10-2015 07:33 AM

Joshua,

I'm going through exactly the same issue - correctly selecting Key Usage on our Microsoft CA to match CUCM 10.5 certs.  How did you resolve this?

Thanks,

Oskar

 

0 Helpful
Customers Also Viewed These Support Documents