03-16-2016 08:22 AM - edited 03-19-2019 10:52 AM
Good Morning,
I am trying to find info on updating certificates on CUCM and CUC. Currently we are using self signed certificates however would like to use third party certificates from a external CA. This is DoD environment so request would need to go to a DoD CA authority. My question is process to generate the request and then install once I receive the certificate back from the CA. Also in updating the cert will this interrupt current services? I have read that doing so would possibly cause all phones to reset in order to download the needed file. Any help is appreciated.
Paul
03-16-2016 09:07 AM
See here
https://www.youtube.com/watch?v=FIqh3rSIUmA&index=7&list=PLFuOESqSTxEvZChqWgAJanctohRMe99CR
It will be a little different due to versions, but you'll get the overall idea.
03-16-2016 09:12 AM
Jaime, Does it make a difference that in the video you are using an internal CA? As we will be using an external CA assuming processes should be the same?
Paul
03-16-2016 09:14 AM
Only for who signs them, you can use whatever CA you want, or send them to a public CA, the overall process is the same in CUCM, whether you sign them, or not.
03-16-2016 09:27 AM
Jaime,
Thanks, couple more questions, should we do that process for not only Tomcat, but IPsec, CAPF, TVS and Callmanager as well?
In doing this changes will this interrupt services at all?
Paul
03-16-2016 09:34 AM
That depends on your needs, that's up to you, and what you need.
I suggest you read
Depending on the cert, you might need to restart services, the server will tell you that while uploading the certs.
03-16-2016 09:43 AM
Thanks, last question we have a Pub and a Sub would we need to do request for both the pub and the sub or will that replicate from the pub down to the sub.
03-16-2016 09:46 AM
On your release it has to be done PER server.
03-16-2016 09:47 AM
thanks appreciate your help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide