Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
8964
Views
5
Helpful
7
Replies

Expressway C Certs

Go to solution
Nkechi Latunji
Level 1
Level 1

‎09-27-2015 07:20 PM - edited ‎03-19-2019 10:09 AM

Hi,

 

I previously had external Certs on my expressway and all was working fine, we changed our local CA and wanted to updated the certs on my UC apps. I have successfully done so for CUCM, IMP and CUC. When i tried expressway C I received the following error

 

Invalid certificate: The file provided does not have a client usage attribute. The certificate must be usable for both servers and clients for Unified Communications.

I successfully uploaded the root CA to the expressway, I signed the CSR with the CA using web server template but it's not uploading to the server. Can someone help

 

Thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jaime Valencia
Cisco Employee
Cisco Employee

‎09-27-2015 08:34 PM

Adjust your certificate template to have the Enhanced Key Usage of server and client authentication as the error says.

Web server ONLY has server authentication.

HTH

java

if this helps, please rate

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Jaime Valencia
Cisco Employee
Cisco Employee

‎09-27-2015 08:34 PM

Adjust your certificate template to have the Enhanced Key Usage of server and client authentication as the error says.

Web server ONLY has server authentication.

HTH

java

if this helps, please rate
0 Helpful

Go to solution
Jefferson Islan Silva
Level 1
Level 1
In response to Jaime Valencia

‎10-13-2015 12:15 PM

How have you fixed this issue?

0 Helpful

Go to solution
Jaime Valencia
Cisco Employee
Cisco Employee
In response to Jefferson Islan Silva

‎10-13-2015 12:18 PM

The error was what I mentioned, the certificate template was not properly configured with the right Enhanced Key Usage that was required.

HTH

java

if this helps, please rate
0 Helpful

Go to solution
Jefferson Islan Silva
Level 1
Level 1
In response to Jaime Valencia

‎10-13-2015 12:39 PM

This is not configured on Expressway side or on Microsoft CA Server side?

0 Helpful

Go to solution
Jaime Valencia
Cisco Employee
Cisco Employee
In response to Jefferson Islan Silva

‎10-13-2015 12:42 PM

On the CA, you probably want to read this before further questions

http://docwiki.cisco.com/wiki/Certificates_FAQ

HTH

java

if this helps, please rate
0 Helpful

Go to solution
ravi.kumar1
Level 1
Level 1
In response to Jaime Valencia

‎05-17-2020 08:00 AM

same error i faced while building a EXpressways lab and am using one of my windows server as CA.

this is the policy you need to add for client authentication

 

clientauth.jpg

 

**** Please rate helpful posts *****

Go to solution
SajithThrimavithana
Level 1
Level 1
In response to ravi.kumar1

‎12-16-2020 08:36 PM

Thanks !

0 Helpful
Customers Also Viewed These Support Documents