cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
10087
Views
7
Helpful
7
Replies

Expressway C Certs

Nkechi Latunji
Level 1
Level 1

Hi,

 

I previously had external Certs on my expressway and all was working fine, we changed our local CA and wanted to updated the certs on my UC apps. I have successfully done so for CUCM, IMP and CUC. When i tried expressway C I received the following error

 

Invalid certificate: The file provided does not have a client usage attribute. The certificate must be usable for both servers and clients for Unified Communications.

I successfully uploaded the root CA to the expressway, I signed the CSR with the CA using web server template but it's not uploading to the server. Can someone help

 

Thanks

1 Accepted Solution

Accepted Solutions

Jaime Valencia
Cisco Employee
Cisco Employee

Adjust your certificate template to have the Enhanced Key Usage of server and client authentication as the error says.

Web server ONLY has server authentication.

HTH

java

if this helps, please rate

View solution in original post

7 Replies 7

Jaime Valencia
Cisco Employee
Cisco Employee

Adjust your certificate template to have the Enhanced Key Usage of server and client authentication as the error says.

Web server ONLY has server authentication.

HTH

java

if this helps, please rate

How have you fixed this issue?

The error was what I mentioned, the certificate template was not properly configured with the right Enhanced Key Usage that was required.

HTH

java

if this helps, please rate

This is not configured on Expressway side or on Microsoft CA Server side?

On the CA, you probably want to read this before further questions

http://docwiki.cisco.com/wiki/Certificates_FAQ

HTH

java

if this helps, please rate

same error i faced while building a EXpressways lab and am using one of my windows server as CA.

this is the policy you need to add for client authentication

 

clientauth.jpg

 

**** Please rate helpful posts *****

Thanks !