Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
798
Views
5
Helpful
3
Replies

Voice Encryption for Jabber & 8800

ShankarP
Level 1
Level 1

‎12-06-2018 06:37 AM

Hi experts, there is a need to encrypt voice traffic and I have moved CUCM to mixed mode and assigned secured profile for Jabber & Hard phones. Would like to check on below items,

 

- the gateway is currently using mgcp, do I need to reconfigure for SIP TLS?

- how does Jabber & 8800 RENEW their identify certs ? Anything needs to configured? 

Many Thanks

Labels:
0 Helpful
3 Replies 3

Jonathan Schulenberg
Hall of Fame
Hall of Fame

‎12-22-2018 08:47 AM

1. You should use SIP TLS instead. Continuing to use MGCP would require the use of IPSec between the OS of the CUCM VMs (ie OS Administration) and the IOS router.
2. They don’t. Welcome to one of many limitations of mixed mode. You must manually initiate the CAPF renewal operation from CUCM Admin, either individually per-device or in bulk using BAT.

ShankarP
Level 1
Level 1
In response to Jonathan Schulenberg

‎01-16-2019 02:46 PM

Thanks Jonathan, where can i adjust the client cert validity period ? Thanks

0 Helpful

Jonathan Schulenberg
Hall of Fame
Hall of Fame
In response to ShankarP

‎01-16-2019 04:29 PM

The CAPF Service Parameter "Duration Of Certificate Validity (in days)" has a default value of 1825 or five years. It would be fairly unusual to generate a certificate for longer than that. The longer the RSA keys are in use the greater theoretical chance they can be compromised.

0 Helpful
Customers Also Viewed These Support Documents