Re: on the CUCM do i need to upload the tomcat cert to CMS in order to establish trust between CMS a...

Ibrahim Jamil · ‎11-11-2018

Hi

I just uploaded my Root CA cert ( Internal) to CMS 2.3 , do i need to upload the same Root CA to CUCM in order to establish trust between CMS and CUCM ,

OR

on the CUCM do i need to upload the tomcat cert to CMS in order to establish trust between CMS and CUCM ,

Do i need to use EXACTLY the Below Steps ,

    Upload the CA-Root Certificate

    Log into the Cisco Unified Operating System (OS) Administration web GUI.

    Navigate to Security Certificate Management.

    Click Upload Certificate/Certificate chain.

    Choose CallManager-trust under Certificate Purpose.

    Browse to the CA's root certificate and click Upload.

thanks all

Nikhil Jayan Kandampully · ‎11-12-2018

You have to upload CMS callbridge and webadmin (Server certificates, root certificate and intermediate) certificates to callmanager trust and tomcat trust. The same way your call manager root and intermediate certificates should be upload into the CMS using winscp.

Restart your call Manager and tomcat services in CUCM and restart callbridge & webadmin services in CMS. Some cases I have seen need to restart call manager to take effect the certificates that uploaded.

please rate if this helps...

Ibrahim Jamil · ‎11-12-2018

Hi Nikhil

thanks mate , u have been helpfull

bro

the Root Cert is my Internal root CA , is that true???

what do u mean by intermediate certificate

the webadmin its Self signed cert just to let me manage the box

pls clarify

Nikhil Jayan Kandampully · ‎11-12-2018

Hi,

It's better to use your internal CA or public CA for signing the Callbridge and webadmin service in CMS.

The intermediate certificate is a subordinate certificate provided by CA with root certificate. you can ignore if you didn't get any intermediate certificate from your CA.