12-09-2020 04:28 AM
I was going through the CUCM publisher' Certificate Management Page which I started managing recently and found that most of the certificates are under the name of a different publisher server which is not part of the cluster (maybe an old server, but I don't know how it came there) and I could not see any certificate under the name of the publisher server I am accessing. I was troubleshooting an issue with DRS backup failing and was checking IPsec certificate expiry and this is when I observed this. The subscribers all have the certificates under their name (expired though)
1) Since I cannot find a certificate with the name of my publisher, can I generate a new self-signed certificate (by clicking Generate Self-signed and choosing IPsec) to fix the issue?
2) Since the IPsec certificate is also used for the IPsec tunnels to the gateways, will there be any impact on that front?
Thanks in advance,
Libin
12-09-2020 06:18 AM
Recommend you to have a look at this document. https://community.cisco.com/t5/collaboration-voice-and-video/cisco-uc-certificates-renewal-guide/ta-p/4077131
12-09-2020 06:42 AM
Hi Roger,
I had already gone through the certificate renewal document.
My question is a bit specific since I do not find the ipsec certificate of my publisher under the Certificate Management.
If that is the case, can I click on Generate Self Signed, rather than Regenerate?
Thanks,
Libin
12-09-2020 06:55 AM
As this specific certificate is self signed you can just go about to generate it.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide