04-14-2020 05:42 AM
We started getting alerts about expired VeriSign certificates from some of our nodes, so we went about the process of replacing them on our CUCM nodes. That process went smoothly. We no longer see the VeriSign certificate in our CUCM nodes.
However, we are now getting alerts from our CUPS servers saying that the Verisign certificate is expired. I see in the description on both cups and cups-sub that the certificate is imported from from our CUCM node. Will it automatically re-import, or do I need to add it manually back in the same way I did the CUCM nodes?
Thanks,
-Mike
Solved! Go to Solution.
04-15-2020 07:59 AM
What version is your CUCM/IMP? Prior to 11.5 deleting certs needed to be done separately on each node, so if you are on older version just follow the same procedure you did on your CUCM to delete the old certs. The new certs should be replicated already in the tomcat-trust.
04-15-2020 07:59 AM
What version is your CUCM/IMP? Prior to 11.5 deleting certs needed to be done separately on each node, so if you are on older version just follow the same procedure you did on your CUCM to delete the old certs. The new certs should be replicated already in the tomcat-trust.
04-15-2020 09:01 AM
We're on 10.5.
I was expecting to find a way to trigger the import, but it looks like CUPS picked them up over night. Thanks! Both CUPS and CUPS-SUB are showing the tomcat-trust from CUCM imported as of this morning.
04-15-2020 09:35 AM
It should be pretty automatic, perhaps your cluster had some cert notification service issues.As of version 11.5 certs automatically get deleted across cluster as well. Either way let us know if you have any other questions.
Please rate all useful posts!
Chris
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide