Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1077
Views
0
Helpful
3
Replies

Signing ITL File

Gordon Ross
Level 9
Level 9

‎02-01-2020 01:44 PM

There is a CLI command to (re)sign the ITL file with CallManager certificate, but, unlike the CTL file, there's no command to sign the ITL file with the ITLRecovery certificate.

 

By some magic of restarting TVS & TFTP processes, I managed to get the ITL file signed by the ITLRecovery certificate, but that was luck rather than skill.

 

Is there a known process for signing the ITL file with the ITLRecovery certificate?

Please rate all helpful posts.
Labels:
0 Helpful
3 Replies 3

Mohammed al Baqari
Level 11
Level 11

‎02-01-2020 07:46 PM

You can use this command to sign the ITL cert with ITLRecovery instead of
callmanager.pem.

utils itl reset localkey

The you can verify using the command 'show itl' that will give

SUBJECTNAME 66 CN=*ITLRECOVERY_test10pub.joemar2.lab*
;OU=tac;O=cisco;L=rtp;ST=nc;C=U



**** please remember to rate useful posts
0 Helpful

Gordon Ross
Level 9
Level 9
In response to Mohammed al Baqari

‎02-02-2020 07:37 AM

According to the docs, that command signs the ITL with the CallManager certificate...

Please rate all helpful posts.
0 Helpful

pkinane
Cisco Employee
Cisco Employee
In response to Mohammed al Baqari

‎02-03-2020 06:07 PM

This is where that information came from. In case you want to learn more.

https://www.cisco.com/c/en/us/support/docs/unified-communications/unified-communications-manager-callmanager/117598-technote-itl-00.html

In newer CUCM versions the ITL file is signed by the ITLRecovery by default.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents