cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
489
Views
0
Helpful
1
Replies
Tom Freeland
Beginner

CTS Systems and Certificates

I am reporting security certificate errors when I do security scans on my CTS systems and am interested in replacing the certificate with an external certificate generated by a Certificate Authority. Does anyone have any experience in replacing the certificate on the CTS systems.

Thanks.

Tom

1 REPLY 1
Arun Kumar
Cisco Employee

Hi Tom,

Each CTS comes with a Manufacturing Installed Cert (MIC) that is unique to each system and signed by Cisco's Certificate Authority (CA). If the customer wishes to, they may load a Locally Significant Cert (LSC). The LSC is downloaded by each CTS from the Certificate Authority Proxy Function (CAPF) service running on CallManager. The CAPF can issue two types of LSCs:

1. Signed by the CAPF server (self-signed)

2. Signed by an external CA using the PKCS#10 certificate signing request (CSR) mechanism.

See page 1-16 at http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/security/6_1_1/secugd/secugd-cm.pdf

HTH

Arun

Create
Recognize Your Peers
Content for Community-Ad