Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
491
Views
0
Helpful
3
Replies

CUCM smart account SSL Inspection

Go to solution
iptsupport
Level 4
Level 4

‎08-27-2023 01:18 AM - edited ‎08-27-2023 02:33 AM

Hello ,

My customer want to register CUCM to smart account via proxy
with SSL Inspection not by pass .
Is it support ?
my CUCM version is 12.5
I can't find documentation with SSL Inspection.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Roger Kallberg
VIP
VIP
In response to iptsupport

‎08-28-2023 04:05 AM

The concept should be the same. You'd have to import the proxy certificate(s) into the applicable trust store in the UC system. Likely it would be the Tomcat trust store. Having that said it's not recommended to include this traffic in the SSL inspection. It would be much better if you could get the customer to either exclude it from the inspection or use an on-prem SSM system and have the systems connect to it instead of each one communicating directly with the cloud SSM.



Response Signature


View solution in original post

0 Helpful
3 Replies 3

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎08-27-2023 04:44 AM

what proxy you using - 

  • Smart Licensing does not support HTTPS Proxy SSL certificate interception by default when using third-party proxies for the HTTPS Proxy method. To support this feature, you can either disable SSL interception on the Proxy, or manually import the certification sent from the Proxy.

below guide help you :

https://www.cisco.com/c/en/us/support/docs/switches/catalyst-9500-series-switches/214484-cisco-smart-licensing-troubleshooting.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
iptsupport
Level 4
Level 4
In response to balaji.bandi

‎08-27-2023 11:07 PM

Hello, the link that you refer Catalyst not CUCM .

 

0 Helpful

Go to solution
Roger Kallberg
VIP
VIP
In response to iptsupport

‎08-28-2023 04:05 AM

The concept should be the same. You'd have to import the proxy certificate(s) into the applicable trust store in the UC system. Likely it would be the Tomcat trust store. Having that said it's not recommended to include this traffic in the SSL inspection. It would be much better if you could get the customer to either exclude it from the inspection or use an on-prem SSM system and have the systems connect to it instead of each one communicating directly with the cloud SSM.



Response Signature


0 Helpful
Customers Also Viewed These Support Documents