Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4446
Views
5
Helpful
7
Replies

What is the difference between a normal certificate and a trust certificate?

Go to solution
techToddler
Level 1
Level 1

‎12-17-2017 10:43 PM - edited ‎03-17-2019 11:48 AM

Hello Friends

 

What is the difference between a normal certificate and a trust certificate?

Say tomcat or ipsec with tomcat or ipsec trust certificates.

I looked Cisco docs and could get far with it. Could someone explain more on this.

 

Regards

Sanjay

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rajan
VIP Alumni
VIP Alumni
In response to techToddler

‎12-18-2017 09:23 PM

Hi Sanjay,

As you have self signed certificates, CA certs are not needed and trust certificate will be there by default in CUCM.

Reg impact for ipsec cert, it impacts DRF (backup and restore). if this is expiring, you can simply regenerate and reboot the node in which it expired to complete the process. Please refer the below link for the procedure:

https://www.cisco.com/c/en/us/support/docs/unified-communications/unified-communications-manager-callmanager/117299-problemsolution-product-00-html.html#anc8

HTH
Rajan
Pls rate all helpful posts

View solution in original post

7 Replies 7

Go to solution
Georgios Fotiadis
VIP Alumni
VIP Alumni

‎12-18-2017 01:54 AM

As tomcat you upload the certificate for the service itself, while as tomcat-trust the CA authority (along with any intermediate if any): The Difference Between tomcat and tomcat-trust

Georgios
Please rate if you find this helpful.
0 Helpful

Go to solution
techToddler
Level 1
Level 1

‎12-18-2017 03:37 AM

So what happens if we dont upload the trust one? What will be the impact. 

0 Helpful

Go to solution
Georgios Fotiadis
VIP Alumni
VIP Alumni
In response to techToddler

‎12-18-2017 05:09 AM

You will not be able to up load the (tomcat) certificate as the CA (and intermediate) certificates will no be present in the server's trust store. You will have to upload those first.

Georgios
Please rate if you find this helpful.
0 Helpful

Go to solution
techToddler
Level 1
Level 1
In response to Georgios Fotiadis

‎12-18-2017 05:48 AM

Thank you for the reply. What I wanted to know is what if I won't upload any of those certs and what type of impact will be there. Say I am getting an alert for ipsec.der certificate gonna expire. What should I do here since it is a self signed certificate. Just regenerate it or request csr and go through the process?
0 Helpful

Go to solution
Georgios Fotiadis
VIP Alumni
VIP Alumni
In response to techToddler

‎12-18-2017 05:52 AM

If your requirements have not changed (i.e. if you still don't need CA signed certificates) you may as well regenerate the (tomcat/ipsec-trust) self-signed certificates.

 

Georgios
Please rate if you find this helpful.
0 Helpful

Go to solution
Rajan
VIP Alumni
VIP Alumni
In response to techToddler

‎12-18-2017 09:23 PM

Hi Sanjay,

As you have self signed certificates, CA certs are not needed and trust certificate will be there by default in CUCM.

Reg impact for ipsec cert, it impacts DRF (backup and restore). if this is expiring, you can simply regenerate and reboot the node in which it expired to complete the process. Please refer the below link for the procedure:

https://www.cisco.com/c/en/us/support/docs/unified-communications/unified-communications-manager-callmanager/117299-problemsolution-product-00-html.html#anc8

HTH
Rajan
Pls rate all helpful posts

Go to solution
techToddler
Level 1
Level 1
In response to Rajan

‎12-24-2017 02:46 AM

Thank You Everyone. 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents