Hello All,
I recently enabled tokenless mixed mode on my 11.5 SU7 cluster. 8865 endpoints get the CTL files and are able to make encrypted calls with no issue. While trying to register a TP endpoint in secure mode i realized that the endpoint was not getting the LSC Certificate. After further investigation i found that the CAPF service was not enabled. My question is this. Can I just enable the CAPF service and restart TFTP to deploy LSCs or do i need to go through and regenerate the CAPF certificates and then enable the CAPF service? Documentation that I've seen seems to mention only to regenerate the CAPF certs when they are about to expire or are expired. I have two years left to go on the cert.
Also, if i do need to regenerate the certs what is the correct order of operations? Do i regenerate, then activate the service or activate, then regenerate?
Trying to avoid having to factory reboot 1000 phones.
Thanks in advance,
-Chris