cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
871
Views
0
Helpful
1
Replies

Phone restart?? after certificate renewal CM 11.5?

Austin Sabio
Level 4
Level 4

Hello, 

I am seeking your assistance to determine if phone restart process across the entire cluster is required after certificate renewal; in this particular case its for tomcat and callmanager certs. However, based on my lab work due to two CUCM entries for the phones [1 pub and 1 sub, Call manager service is running on both]- phones received the proper ITL file and certificates were renewed successfully with no outage (phones didn't reset) following recommended procedures [based on cisco documentation, forum cases and TAC recommendations].  

 

According to cisco documentation, 

"8.Reboot all Phones

  • Cisco Unified CM Administration > System > Enterprise Parameters
  • Select Reset then you will see a pop-up with the statement You are about to reset all devices in the system. This action cannot be undone. Continue?,select OK and then select Reset"

https://www.cisco.com/c/en/us/support/docs/unified-communications/unified-communications-manager-callmanager/214231-certificate-regeneration-process-for-cis.html#anc8

 

Another reference from Jason Burns.

"Newer versions of CUCM will handle this phone reset automatically and warn the user at certificate regeneration time."

https://community.cisco.com/t5/collaboration-voice-and-video/communications-manager-security-by-default-and-itl-operation-and/ta-p/3129362#toc-hId-2052532520

 

Please note the lab work was based on self-signed cert and upcoming production work is using CA signed cert. 

 

Thanks. 

Austin

1 Reply 1

Austin Sabio
Level 4
Level 4

Is the phone restart process (via enterprise parameters) limited when the cert is truly expired? Typically, I have seen the cert renewal done with no need to actually restart the phones (1 pub, 4 sub environment). Could you please assist?

 

Thanks. 

Austin