Good afternoon everyone.
We have recently gone through an upgrade on CUCM from version 8.6 to version 10.5. Everything is working as exepected, but l am looking for clarification as to the ITL file installed on the phone, and how to cross reference this against the CUCM.
I have been reading Jason Burn's excellent doc, but when l look at my CERT's installed on CUCM, against the ITL file on the phone they do not match. I have this on both our Production CUCM servers, and our DEV test servers.
I thought that the Phone downloaded the CERT from the Call Manager.PEM cert and this could be crossed referenced via the CLI on the CUCM server with the - (show itl) command.
Phone Status Message:
15:44:33 Trust List Updated
15:44:34 SEP34DBFDCC577A.cnf.xml.sgn(HTTP)
Show itl command from DEV Server:
BYTEPOS TAG LENGTH VALUE
------- --- ------ -----
1 RECORDLENGTH 2 1211
2 DNSNAME 2
3 SUBJECTNAME 81 CN=app-d-cucm01.domain.com;OU=Systems;O=ABC;L=Office;ST=New;C=GB
4 FUNCTION 2 System Administrator Security Token
5 ISSUERNAME 81 CN=app-d-cucm01.domain.com;OU=Systems;O=ABC;L=Office;ST=New;C=GB
6 SERIALNUMBER 16 6A:38:83:6D:F6:E4:E4:1A:EC:BF:F4:7E:D3:DC:B3:17
7 PUBLICKEY 140
8 SIGNATURE 128
9 CERTIFICATE 732 E2 7E D7 E8 0A 05 52 D9 CC E2 CB 80 4E E2 B1 8F 05 17 93 25 (SHA1 Hash HEX)
This etoken was used to sign the ITL file
ITL file on the phone is - 93 C9 6D E8.......
Thanks and best regards,
James
