Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
339
Views
4
Helpful
3
Replies

CUCM v7.1.2 certificates

melwoods
Level 1
Level 1

‎04-08-2013 08:19 AM - edited ‎03-19-2019 06:33 AM

Hello All,

I'm doing a little research on CUCM and certificates.  With me being a novice to CUCM, I'm reaching out to the community knowlege base for some information and guidance.  My question: Is CUCM required to use its self-signed certificate or can it use the  *.yourcompany.com  wildcard certificate?

I have a requirement where the CCMuser web interface needs to be accessible outside of the company and the path we are going down has this access being dropped behind our loadbalancer.  The loadbalancer will require a certificate from CUCM, thus my question above.  I'd rather use the company wildcard vs the CUCM self-signed, but either way will work.  Now part 2 of the delima.

1) If I can use the company wildcard, what is the procedure to upload it to CUCM and will it require a reboot of the subscriber or just restarting of certain services?

2) If I have to use the self-signed certificate, what is the procedure to extract it from the CUCM subscriber?

Thanks all in advance.

Melvin

Labels:
0 Helpful
3 Replies 3

Chris Deren
Hall of Fame
Hall of Fame

‎04-08-2013 08:27 AM

Melvin,

You can use PKI certs, though currently wildcard certs are not supported on any version of CUCM.

You can uploaded root cert from your PKI to CUCM, then request CSRs and have those signed and uploaded to CUCM as tomcat certs.  There are many threads and docs on how to do this on this forum.

HTH,

Chris

melwoods
Level 1
Level 1
In response to Chris Deren

‎04-08-2013 08:42 AM

Thank you very much Chris for your input.

So perhaps the easiest thing would be for me to use the CUCM self-signed certificate and upload it to the loadbalancer.  Seems like it is the least intrusive option.

Melvin

0 Helpful

Chris Deren
Hall of Fame
Hall of Fame
In response to melwoods

‎04-08-2013 08:44 AM

Not sure as I have never done it, uploading PKI certs to CUCM is not intrusive at all, all you need to do afterwards is restart tomcat service which does not affect phones.

Chris

0 Helpful
Customers Also Viewed These Support Documents