Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
744
Views
0
Helpful
4
Replies

Installing CA Signed Certificate for Cisco Jabber

aniket0422
Level 1
Level 1

‎09-06-2018 12:05 PM - edited ‎09-06-2018 12:06 PM

 

Hello Guys,

 

Customer is using Jabber only for internal purpose. No MRA login. Its only CUCM and IM and Presence.

 

In case of Jabber, When we log into Jabber we get warning to accept default untrusted server certificate. If we want to replace this untrusted certificate with trusted one which certificate we need to replace.

 

What all changes are required on CUCM and IM and Presence in term on certification.

Labels:
0 Helpful
4 Replies 4

R0g22
Cisco Employee
Cisco Employee

‎09-06-2018 12:16 PM

Please review Jabber Deployment/Planning Guides. All the information is listed there.

0 Helpful

Dennis Mink
VIP Alumni
VIP Alumni

‎09-06-2018 12:50 PM

you could add the self signed cert to your clients using a global policy, or have a internal CA signed cert, so it is trusted (provided the CA cert itself isalready in the clients cert store).

Please remember to rate useful posts, by clicking on the stars below.

0 Helpful

aniket0422
Level 1
Level 1
In response to Dennis Mink

‎09-06-2018 01:15 PM

If I want to use Internal CA signed certificate which CSR I would need. 

 

Tomcat and XMPP ?

 

1. Generate tomcat CSR from CUCM and IMP

2. Generate xmpp CSR from IMP.

3. Get above CSR signed by Inernal CA

4. Upload CA Root certificate in tomcat-trust and xmpp-trust

5. Generate signed certificate in tomcat and xmpp on respective server.

6. restart services.

 

Is this correct procedure ?

0 Helpful

R0g22
Cisco Employee
Cisco Employee
In response to aniket0422

‎09-06-2018 01:49 PM

That's why I advised to review the documentation first.

1. CUCM and IMP - Tomcat
2. IMP Only - XMPP
3. CUC (if applicable) - Tomcat

Generate CSR, get it signed by CA and upload to relevant stores on the servers. Root CA/Sub CA/cert chain needs to be uploaded to the trust store for the components i.e. tomcat-trust for both CUCM and IMP and cup-xmpp-trust for IMP.

0 Helpful
Customers Also Viewed These Support Documents