Hi guys, we are using the CAPF service on the CUCM Publisher to sign LSCs for our Cisco phones. This works fine for 802.1x with the customers ISE.
But we now have the issue, that we cannot access the phones webpages, because the provided certificate/ LSC does not match the URL accessed: a) when accessing via the IP-address https://10.26.12.128: the LSC obviously does not contain the DHCP assigned IP in the subject alternative names:
b) when accessing with the hostname https://SEP00A289FB3654: the common-name in the LSC does not match the Hostname or the FQDN:
Some additional notes: The customer has disabled the option to ignore the error in the browser. Only HTTPS is allowed on the phones, because of security The customers DHCP server dynamically creates DNS A-Records for the phones, thats why we can enter the hostname in the browser and don't need to search for the IP in CUCM.
Can we configure the CAPF service to set a different common name? "SEP" + MAC is already unique, no need to add "CP" or the device type. Or can we include the devicename SEP00A289FB3654 as a subject alternative name?