Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
685
Views
1
Helpful
5
Replies

PCD Migration - CUCM 11.5-15.0 - Question about CallManager/TVS Certs

Go to solution
kylebrogers
Level 4
Level 4

‎10-02-2024 01:09 PM

If I have an 11.5 CUCM cluster with expired CallManager and TVS Certs, do I have regen them before the migration or will the new 15.0 version accept the expired certs for import.

I would prefer to regen the certs once the cluster is on 15.0 rather than doing it on an old, EoS version of CUCM, but I don't know if 15.0 will refuse the expired certs during import/install.  

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
kylebrogers
Level 4
Level 4

‎10-07-2024 07:58 PM

In case anyone else needs to know this, I was able to do the migration with the expired certs and then regenerate them after the migration.  

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Roger Kallberg
VIP
VIP

‎10-02-2024 10:19 PM

I don’t know about if v15 would refuse to accept the expired certificates, but in general it’s a rather bad idea to run a system with expired certificates. My recommendation would be to renew them in your current system. To do so please have a look at this document. Cisco UC Certificates Renewal Guide 



Response Signature


0 Helpful

Go to solution
kylebrogers
Level 4
Level 4
In response to Roger Kallberg

‎10-02-2024 10:22 PM

Thanks, I agree and don't plan on leaving the certificates expired, but I would rather renew them on v15 since I can get support if I run into issues as opposed to 11.5, which is EoS.  So I'm trying to find out specifically if I can move from 11.5 to 15 with the expired certs, then renew them once I'm on 15.  

0 Helpful

Go to solution
Nithin Eluvathingal
VIP
VIP

‎10-02-2024 10:34 PM

It’s not a good idea to perform migrations with expired certificates. I recommend renewing the certificates before proceeding with the migration.



Response Signature


0 Helpful

Go to solution
kylebrogers
Level 4
Level 4

‎10-07-2024 07:58 PM

In case anyone else needs to know this, I was able to do the migration with the expired certs and then regenerate them after the migration.  

0 Helpful

Go to solution
Nithin Eluvathingal
VIP
VIP
In response to kylebrogers

‎10-07-2024 09:40 PM - edited ‎10-07-2024 09:40 PM

In fact, the migrations would definitely work; however, they are not recommended. Performing migrations and upgrades with expired certificates is not good practice. It is also recommended to run the pre-upgrade checks, expired certificates will definitely cause failures in the pre-check. There is always a high risk of encountering problems when best practices are not followed. However, the choice is personal—either to proceed in their own way or to follow the recommendations.



Response Signature


Customers Also Viewed These Support Documents