cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
438
Views
0
Helpful
1
Replies

Good description of certificates in CUCM ?

Gordon Ross
Engager
Engager

I'm running CUCM 8.6.2 in non-secure mode, and I've been getting certificate expiry RTMT/Syslog alerts. Not a problem, I thougt. Easy. Untl I started looking into it...

Exactly what are all the certificates for ? And which ones have to be done out-of-hours ? The CUCM docs (That I've found, anyway) are pretty vague on this. The funniest bit I found in the docs is where it says: "Uploading a new certificate or certificate trust list (CTL) file can affect your system operations" Be nice a vague, eh, Cisco

The Tomcat certificate is trivial to understand and is pretty much non-service affecting.

Questions include:

- Exactly what does the CallManager certificate protect ? When I was clearing out some old/junk CallManager certificates on my dev system, suddenly all my dev phones rebooted.

- All these darn CAPF certifcates. There is CAPF.pem in CAPF, various ones in CAPF-Trust, and even more in CallManager-trust. The thought of playing with these is making me nervous: I have no desire to brick all my phones. As I said, my clusters are in non-secure mode. (At the minute....)

- When I installed my own private CA certificate in the tomcat-trust store, I found it automagically propogated across all the servers in the cluster.  What else does CUCM do automagically ?

I recall seeing a link to a support communities document on CUCM Certificates, but I can't find it now that I need it

Thanks,

GTG

Please rate all helpful posts.
1 Reply 1

CSCO10619483
Beginner
Beginner

join issue

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers