cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

AMA-CUCM Troubleshooting: Best Practices for Reading Trace Files

357
Views
0
Helpful
1
Replies
Collaborator

Good description of certificates in CUCM ?

I'm running CUCM 8.6.2 in non-secure mode, and I've been getting certificate expiry RTMT/Syslog alerts. Not a problem, I thougt. Easy. Untl I started looking into it...

Exactly what are all the certificates for ? And which ones have to be done out-of-hours ? The CUCM docs (That I've found, anyway) are pretty vague on this. The funniest bit I found in the docs is where it says: "Uploading a new certificate or certificate trust list (CTL) file can affect your system operations" Be nice a vague, eh, Cisco

The Tomcat certificate is trivial to understand and is pretty much non-service affecting.

Questions include:

- Exactly what does the CallManager certificate protect ? When I was clearing out some old/junk CallManager certificates on my dev system, suddenly all my dev phones rebooted.

- All these darn CAPF certifcates. There is CAPF.pem in CAPF, various ones in CAPF-Trust, and even more in CallManager-trust. The thought of playing with these is making me nervous: I have no desire to brick all my phones. As I said, my clusters are in non-secure mode. (At the minute....)

- When I installed my own private CA certificate in the tomcat-trust store, I found it automagically propogated across all the servers in the cluster.  What else does CUCM do automagically ?

I recall seeing a link to a support communities document on CUCM Certificates, but I can't find it now that I need it

Thanks,

GTG

Please rate all helpful posts.
Everyone's tags (2)
1 REPLY 1
Highlighted
Beginner

Good description of certificates in CUCM ?

join issue

CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards