Cisco Community
English
Register
We're here for you! LEARN about free offerings and business continuity best practices during the COVID-19 pandemic
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

235
Views
0
Helpful
3
Replies
Highlighted
Gordon Ross
Engager
Engager
‎10-09-2019 08:29 AM
‎10-09-2019 08:29 AM

SRTP, CUBE & Multi-SAN CUCM Certificate

I've read two Cisco documents on setting up a secure SIP trunk between CUBE and CUCM. Both documents talk about importing every node's Callmanager certificate into CUBE.

 

But what if you've got a multi-SAN certificate for CallManager? (I.e. One certificate for all nodes in the cluster) Do I have to import the same certificate for each node in the cluster, or is there another way to do it?

Please rate all helpful posts.
Labels:
Everyone's tags (3)
0 Helpful
Reply
3 REPLIES 3
Highlighted
Jaime Valencia
Hall of Fame Cisco Employee Hall of Fame Cisco Employee
Hall of Fame Cisco Employee
‎10-09-2019 08:57 AM
‎10-09-2019 08:57 AM

Re: SRTP, CUBE & Multi-SAN CUCM Certificate

This follows the same basic rules of certificates/encryption you would follow in CUCM, there's nothing special in that regards.

Most likely the doc you looked at did that because they were using self-signed certs, and then each server acts as a standalone CA.

In my lab as I use the same CA for everything, I generated the CSR request on the ISR, had it signed, then uploaded the same root CA I use in CUCM and the signed certificate and that's it. I'm able to have TLS/SRTP between them

HTH

java

if this helps, please rate
0 Helpful
Reply
Highlighted
Gordon Ross
Engager
Engager
‎10-09-2019 09:53 AM
‎10-09-2019 09:53 AM

Re: SRTP, CUBE & Multi-SAN CUCM Certificate

That's good to know. I wondered if something clever was going on and each server's SSL certificate had to be validated against it's name/IP address. So it looks more like that CUBE is just checking that the certificate is recognised and doesn't care where it comes from.
Please rate all helpful posts.
0 Helpful
Reply
Highlighted
Gordon Ross
Engager
Engager
‎10-09-2019 10:09 AM
‎10-09-2019 10:09 AM

Re: SRTP, CUBE & Multi-SAN CUCM Certificate

BTW - If my CUCM certificate is signed by a CA (Commercial or othewise) do I need to upload the full certificate chain, or just the CUCM endpoint certificate?
Please rate all helpful posts.
0 Helpful
Reply
Latest Contents
Video Conferencing and Webex
Created by RS1601763J2 on 05-21-2020 01:52 PM
0
0
0
0
I'm want to video conference from a Cisco Web Room Kit Pro end point to Virtual Webex and have my customers be able to view/collaborate via Microsoft Teams.  What licenses would be required to make this happen?
Agents in multiple groups (Need help designing the queue)
Created by Agent007 on 05-21-2020 10:48 AM
1
0
1
0
I am new to UCCX and was just asked to change the queue. Need help designing the new queue. Existing queue:Has 6 agents and all part of the same group. New queue requirements: - Split them into two groups (Group 1 and Group 2)- Put IVR in t... view more
Webex Events recording
Created by vtrovao on 05-21-2020 09:18 AM
0
0
0
0
We recorded an event using Webex Events and when we download it we couldn't see the participants video, only the audio is on.If we watch it throught webex environment the video shows up.Anyone knows what it could be?Download fileOn webex platform
Windows Server CA Template for Web and Client Authentication...
Created by Elias Sevilla Duarte on 05-19-2020 08:01 AM
2
5
2
5
(view in My Videos)
Disable features in the Webex Desktop app
Created by Eddie033 on 05-18-2020 11:54 AM
0
0
0
0
Hey all, Is there a feature that would allow me to disable file transfers, remote control or chat capabilities directly on the Webex Desktop app? Our goal is to restrict these features so that when we connect to an external Webex site from our local ... view more
CreatePlease to create content
Discussion
Blog
Document
Video
Content for Community-Ad
Future of Work Virtual Summit Day 5

Cisco COVID-19 Survey