Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
366
Views
0
Helpful
8
Replies

CUCM 8.6/CUC 8.6

paul.collins1.ctr1
Level 1
Level 1

‎03-16-2016 08:22 AM - edited ‎03-19-2019 10:52 AM

Good Morning,

I am trying to find info on updating certificates on CUCM and CUC. Currently we are using self signed certificates however would like to use third party certificates from a external CA. This is DoD environment so request would need to go to a DoD CA authority. My question is process to generate the request and then install once I receive the certificate back from the CA. Also in updating the cert will this interrupt current services? I have read that doing so would possibly cause all phones to reset in order to download the needed file. Any help is appreciated.

Paul

Labels:
0 Helpful
8 Replies 8

Jaime Valencia
Cisco Employee
Cisco Employee

‎03-16-2016 09:07 AM

See here

https://www.youtube.com/watch?v=FIqh3rSIUmA&index=7&list=PLFuOESqSTxEvZChqWgAJanctohRMe99CR

It will be a little different due to versions, but you'll get the overall idea.

HTH

java

if this helps, please rate
0 Helpful

paul.collins1.ctr1
Level 1
Level 1
In response to Jaime Valencia

‎03-16-2016 09:12 AM

Jaime, Does it make a difference that in the video you are using an internal CA? As we will be using an external CA assuming processes should be the same?

Paul

0 Helpful

Jaime Valencia
Cisco Employee
Cisco Employee
In response to paul.collins1.ctr1

‎03-16-2016 09:14 AM

Only for who signs them, you can use whatever CA you want, or send them to a public CA, the overall process is the same in CUCM, whether you sign them, or not.

HTH

java

if this helps, please rate
0 Helpful

paul.collins1.ctr1
Level 1
Level 1
In response to Jaime Valencia

‎03-16-2016 09:27 AM

Jaime,

Thanks, couple more questions, should we do that process for not only Tomcat, but IPsec, CAPF, TVS and Callmanager as well?

In doing this changes will this interrupt services at all?

Paul

0 Helpful

Jaime Valencia
Cisco Employee
Cisco Employee
In response to paul.collins1.ctr1

‎03-16-2016 09:34 AM

That depends on your needs, that's up to you, and what you need.

I suggest you read

http://www.cisco.com/c/en/us/support/docs/voice-unified-communications/unified-communications-manager-callmanager/116232-technote-sbd-00.html

Depending on the cert, you might need to restart services, the server will tell you that while uploading the certs.

HTH

java

if this helps, please rate
0 Helpful

paul.collins1.ctr1
Level 1
Level 1
In response to Jaime Valencia

‎03-16-2016 09:43 AM

Thanks, last question we have a Pub and a Sub would we need to do request for both the pub and the sub  or will that replicate from the pub down to the sub.

0 Helpful

Jaime Valencia
Cisco Employee
Cisco Employee
In response to paul.collins1.ctr1

‎03-16-2016 09:46 AM

On your release it has to be done PER server.

HTH

java

if this helps, please rate
0 Helpful

paul.collins1.ctr1
Level 1
Level 1
In response to Jaime Valencia

‎03-16-2016 09:47 AM

thanks appreciate your help.

0 Helpful
Customers Also Viewed These Support Documents