Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
674
Views
7
Helpful
2
Replies

CUCM Certificate Regeneration - service impact?

TONY SMITH
Spotlight
Spotlight

‎09-27-2018 03:39 AM - edited ‎03-17-2019 01:32 PM

Hi,

I need to regenerate expired certificates on a live CUCM 9.1 cluster.  Could I just sanity check on service impact, by which I mean impact on calls and on SCCP and SIP registered phones?   My understanding is that there should be no impact when regenerating Tomcat and IPSec certificates.   Is this correct?  Last time I did this was all within a change window so I didn't care if the phones did a soft reset, and I don't remember if they did.

Thanks, Tony S

Labels:
0 Helpful
2 Replies 2

Slavik Bialik
Level 7
Level 7

‎09-27-2018 04:13 AM

Hi,
If you'll regenerate the Tomcat certificate and then restart the Cisco Tomcat service, it might only affect Jabber users with some error which will disappear in a few minutes, and if someone will try to access service like Corporate Directory for example, they'll fail to do that. But nothing more then that. About IPSec certificates... well, for what are you using them exactly? Can't be really sure about it.
Anyway, the phones won't restart.

Chris Deren
Hall of Fame
Hall of Fame

‎09-27-2018 06:01 AM

I concur with Slavik (+5), you need to list which self signed certs you are re-generating as they all provide different purpose thus have different impact, i.e. regenerating callmanager certs for example or even deleting expired callmanager trust store certs will cause phones to reset due to ITL cert updates.

Customers Also Viewed These Support Documents