I got ahead of myself and regenerated all my certificates at once, which I understand is a huge no-no. The only problem I've been having is the "Host not found" error in the Corporate Directory. I have backups of the old self-signed certificates so is there a way I can restore them and redo the whole procedure properly? If no I'll have to manually delete the ITL files on every single phone will take me days to finish! I haven't restarted any services apart from tomcat.
I don't think there's a way to restore the self-signed certs, unless you do a full DRS restore. When you re-generated them, a new cert/key were generated, and only those two will match.
Ok I'll have to just go ahead and restart the services. What can I expect to happen? Will all the phones stop working until I manually delete the ITL files on each one?
Hard to tell without knowing exactly which were the steps you followed, but yes, worst case scenario, phones will not be able to register until you delete the ITL.
Well I regenerated my tomcat, Ipsec, call manager, capf and tvs certs all at once. Later I restarted the tomcat and drs services. It fixed our backup problem but the next day a handful of phones couldn't access the corporate directory. Strangely enough it's accessible using the IP communicator.
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
