Cisco unity connection certificate regenerate

Ren Stark · ‎07-31-2019

Hi Friends,

The tomcat certificate on the Primary Cisco unity connection server is going to expire soon. This is the third party signed certificate. The unity cluster has two servers primary and secondary, but the tomcat certificate is about to expire only on the primary node. I have generated the csr and got it signed using the third party. Now I have the root certificate and new server certificate. Please let me know the step by step procedure to upload to renew the certificates.

Jaime Valencia · ‎07-31-2019

https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/connection/10x/administration/guide/10xcucsagx/10xcucsag215.html#99428

HTH

java

if this helps, please rate

Ren Stark · ‎07-31-2019

Thanks for the link.

Do I need to regenerate the Tomcat certificate on the secondary node as well? And upload the secondary node tomcat certificate as tomcat-trust on the Primary node? Note : the secondary unity tomcat still valid and it's a self signed certificate .

Please confirm

Vaijanath Sonvane · ‎08-02-2019

If secondary node certificate is valid and not expiring soon, then you don't need to re-generate tomcat certificate on secondary node.

Please rate helpful posts and if applicable mark "Accept as a Solution".
Thanks, Vaijanath S.

jeanmallet2000 · ‎05-05-2022

You have to log in Cisco Unified Operating System Administration for your CUC, then click on Security - Certificate management.

Then Click on Select the CA Signed Tomcat Certificate , click on Generate CSR. Answer that you have Tomcat Selected. Then Click on the distribution field ensure that you you have multi-san selected then click on generate. When it is successful you can now lick on download csr to send the file to get signed by your CA.

Roger Kallberg · ‎05-05-2022

For what reason are you answering an almost 3 years old post, that already have answers to the OP question that your answer doesn’t give any additional or new information?