Installing CA Signed Certificate for Cisco Jabber

aniket0422 · ‎09-06-2018

Hello Guys,

Customer is using Jabber only for internal purpose. No MRA login. Its only CUCM and IM and Presence.

In case of Jabber, When we log into Jabber we get warning to accept default untrusted server certificate. If we want to replace this untrusted certificate with trusted one which certificate we need to replace.

What all changes are required on CUCM and IM and Presence in term on certification.

R0g22 · ‎09-06-2018

Please review Jabber Deployment/Planning Guides. All the information is listed there.

Dennis Mink · ‎09-06-2018

you could add the self signed cert to your clients using a global policy, or have a internal CA signed cert, so it is trusted (provided the CA cert itself isalready in the clients cert store).

Please remember to rate useful posts, by clicking on the stars below.

aniket0422 · ‎09-06-2018

If I want to use Internal CA signed certificate which CSR I would need.

Tomcat and XMPP ?

1. Generate tomcat CSR from CUCM and IMP

2. Generate xmpp CSR from IMP.

3. Get above CSR signed by Inernal CA

4. Upload CA Root certificate in tomcat-trust and xmpp-trust

5. Generate signed certificate in tomcat and xmpp on respective server.

6. restart services.

Is this correct procedure ?

R0g22 · ‎09-06-2018

That's why I advised to review the documentation first.

1. CUCM and IMP - Tomcat
2. IMP Only - XMPP
3. CUC (if applicable) - Tomcat

Generate CSR, get it signed by CA and upload to relevant stores on the servers. Root CA/Sub CA/cert chain needs to be uploaded to the trust store for the components i.e. tomcat-trust for both CUCM and IMP and cup-xmpp-trust for IMP.