Re: Expired CAPF certificate

SAIFUDEEN C .K · ‎03-06-2019

Hi All,

Please help me with the below query

I have cucm 10.5 cluster.

There are some CAPF trust certs which are expired.I would like to know if I delete the CAPF trust, how it can be regenerated.

What would be the impact of deleting the expired CAPF Trust.

Is there any procedure to follow before deleting the expired CAPF Trust.

please help.

Regards,

Saifudeen

bsrohan · ‎03-07-2019

I have a similar situation as well, any information/steps regarding this will be very helpful.

Thanks in advance.
- Rohan

Dennis Mink · ‎03-10-2019

Renew/regenerate the capf cert on the cucm on which it expired. The upload that cert into the capf trust store of the others. And restart the capf service on all servers in cluster.

Please remember to rate useful posts, by clicking on the stars below.

Jaime Valencia · ‎03-07-2019

The procedure is outlined here, and there are several other threads and references to certificate regeneration/renewal.

https://www.cisco.com/c/en/us/support/docs/unified-communications/unified-communications-manager-callmanager/200199-CUCM-Certificate-Regeneration-Renewal-Pr.html

Special care if you're using mixed mode or the CTL for some other purpose, if not, it will be easier.

HTH

java

if this helps, please rate

bsrohan · ‎03-08-2019

Thank you Jaime.

- Rohan

SAIFUDEEN C .K · ‎03-09-2019

Hello Jaime,

Thank you so much for your response.

1.I am still not clear how the trust certificates will be recreated, if all are expired.

2.How can we know which CAPF certificate is in use.

Regards,

Saifudeen