The CMS CUCM integration guide states that in order for Ad-Hoc conferencing to work, the Callbridge certificate's CN must match the FQDN of the interface the Callbridge listens on. Is it possible to get around this by changing the matching name on the CUCM SIP trunk security profile? This would potentially open up the possibility of using a single certificate for all servers in a cluster, assuming you're not doing SfB integration which also has CN requirements.
In clustered CMS deployments I have previously deployed a unique certificate per server, however lately I've been working with several larger CMS clusters and am trying to see if it's feasible to use a single, Multi-SAN certificate for all servers in the cluster, applying to Callbridge, Webbridge, XMPP, Webadmin and Database Server. Managing 6 - 7 servers worth of individual certificates has become very cumbersome.