cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
264
Views
5
Helpful
3
Replies
Highlighted
Beginner

CMS Certificates for the Core and Edge

Hi,

 

Just need some clarification.

 

Do we need separate server certificates for the core (callbridge, xmpp, trunk) and edge (webbridge, load balancer, TURN)?

Also within a cluster does all the cores (callbridge, xmpp, trunk) need their own server cert or can we use one for all of them?

 

Thanks!

 

Jasmine Misal

 

 

Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Participant

Re: CMS Certificates for the Core and Edge

Hello,

 

If I add the domain for xmpp and all the servers in CSR I can use that certs for the edge and core in a production environment? Y---Yes you can use but it will be better if you use separate for edge and one single cert for all core including all servers name in SAN list.

 

For relationship between different component it will be good if you go through the certificate guide which i provided earlier.

 

Thansk

Please rate if it is helpful and mark as accepted solution if applicable...

Thanks
Please rate if it is helpful and mark as accepted solution if applicable....

View solution in original post

3 REPLIES 3
Highlighted
Participant

Re: CMS Certificates for the Core and Edge

Hello,

 

For split deployment please see the below CMS certificate guide-

https://www.cisco.com/c/dam/en/us/td/docs/conferencing/ciscoMeetingServer/Deployment_Guide/Version-2-5/Certificate-Guidelines-Single-Split-Server-Deployment-2-5.pdf

 

You can use one cert for all servers for all components there will be no problems but you need to be careful for their in between relationships that you will get if you go through above link..

 

Thanks

Please rate if it is helpful and mark as accepted solution if applicable..

Thanks
Please rate if it is helpful and mark as accepted solution if applicable....
Highlighted
Beginner

Re: CMS Certificates for the Core and Edge

Hi,

 

Just want to verify, 

If I add the domain for xmpp and all the servers in CSR I can use that certs for the edge and core in a production environment?

 

I have used one cert for all the "services" on one core but I have heard that we can use one certs for all the cores within the cluster (if there is one) and the edge. Sorry for asking the question again but I need verification. Where in the document does it say that?

 

Thanks

 

Highlighted
Participant

Re: CMS Certificates for the Core and Edge

Hello,

 

If I add the domain for xmpp and all the servers in CSR I can use that certs for the edge and core in a production environment? Y---Yes you can use but it will be better if you use separate for edge and one single cert for all core including all servers name in SAN list.

 

For relationship between different component it will be good if you go through the certificate guide which i provided earlier.

 

Thansk

Please rate if it is helpful and mark as accepted solution if applicable...

Thanks
Please rate if it is helpful and mark as accepted solution if applicable....

View solution in original post

CreatePlease to create content
Content for Community-Ad
Future of Work Virtual Summit Day 5

Cisco COVID-19 Survey