cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

New Hall of Fame Member-Peter PAluch

174
Views
5
Helpful
3
Replies
Highlighted
Beginner

Voice Encryption for Jabber & 8800

Hi experts, there is a need to encrypt voice traffic and I have moved CUCM to mixed mode and assigned secured profile for Jabber & Hard phones. Would like to check on below items,

 

- the gateway is currently using mgcp, do I need to reconfigure for SIP TLS?

- how does Jabber & 8800 RENEW their identify certs ? Anything needs to configured? 

Many Thanks

3 REPLIES

Re: Voice Encryption for Jabber & 8800

1. You should use SIP TLS instead. Continuing to use MGCP would require the use of IPSec between the OS of the CUCM VMs (ie OS Administration) and the IOS router.
2. They don’t. Welcome to one of many limitations of mixed mode. You must manually initiate the CAPF renewal operation from CUCM Admin, either individually per-device or in bulk using BAT.
Beginner

Re: Voice Encryption for Jabber & 8800

Thanks Jonathan, where can i adjust the client cert validity period ? Thanks

Re: Voice Encryption for Jabber & 8800

The CAPF Service Parameter "Duration Of Certificate Validity (in days)" has a default value of 1825 or five years. It would be fairly unusual to generate a certificate for longer than that. The longer the RSA keys are in use the greater theoretical chance they can be compromised.

CreatePlease to create content
Content for Community-Ad

Blog-Cisco Community Designated VIP Dinner CLEUR2019