cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
536
Views
0
Helpful
4
Replies

SIP secure integration between CUCM and CUC

Michael Schmidt
Beginner
Beginner

Hi,

I followed this document to configure a secure integration between CUCM and CUC.

http://www.cisco.com/c/en/us/support/docs/unified-communications/unity-connection/200504-Configure-and-Troubleshoot-Secure-Integr.html#anc6

The SIP connection was working fine with native certificates.

After I did a CSR for Callmanager certificate and installed the Root-CA and Sub-CA as Callmanager-trust and the signed Callmanager certificate back to CUCM the SIP connection between CUCM and CUC no longer is working in secure mode.

Both systems I already restarted but SIP still not working.

The CUC root certificate I also installed new as Callmanager-trust in CUCM but did not help.

Does anybody knows what to do that secure connection betweenn CUCM and CUC is working after Callmanager certificate was signed by CA?

BR

Michael

4 Replies 4

Dennis Mink
Advisor
Advisor

did you upload the Root Ca and Sub CA at both ends of the connection? ie on cucm and cuc.

also, does the cert have client server authentication under its Enhanced Key Usage (drill into the X509 cert details).?

Cheers

Please rate if useful

Please remember to rate useful posts, by clicking on the stars below.

Hi Dennis,

as written Root-CA and Sub-CA was uploaded in CUCM as callmanager-trust.

When I try to install Root-CA and Sub-CA in CUC as "connection-trust" I get this error -> Certificate upload failed, unable to generate a hashname

HARIS_HUSSAIN
Rising star
Rising star

1) Installing the Root-CA and Sub-CA 

---> Make sure you install the Root-CA and SUB-CA in CUC as well

--> Have you also signed the CUC Certificate or still using Self-Signed One. In both cases make sure you have uploaded the Root-CA and SUB-CA in CUCM.

And Finally Please rate and mark correct as applicable.

Thanks

Haris

Hi Haris,

this I did:

CUCM:

1. CSR Callmanager cert

2. CSR tomcat cert

3. Installing Root-CA and Sub-CA as Callmanager-trust

4. Installing Root-CA and Sub-CA as tomcat-trust

5. Installing ca-signed callmanager cert

6. Installing ca-signed tomcat cert

CUC:

1. CSR tomcat cert

2. Installing Root-CA and Sub-CA as tomcat-trust

3. Installing ca-signed tomcat cert

How can I sign the CUC root certificate / how can I make a CSR from CUC root certificate which could be signed because the CUC root certificate can`t be found in the OS admin but only in the CUC admin web page as *.0 file.

BR

Michael

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: