cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4432
Views
5
Helpful
3
Replies

expressway Self Signed TLS

martyn.rees
Level 4
Level 4

I am currently in the process of getting Expressway C & E up and running in the lab, so don't want to use signed certs just for the testing purposes.

A lot of the documentation states that you have to have TLS turned on for authentication with CUCM, CUIMP, between Expressway servers, etc, but there is no information on how to import the self signed cert from say CUCM, or IM&P in to Expressway.


Does anyone have this in a document, or a simple process? I'm sure it can't be hard, but there just doesn't seem to be an obvious way to do it.

1 Accepted Solution

Accepted Solutions

George Thomas
Level 10
Level 10

Hello,

I dont have a process document but these are the basic steps:

Navigate to CUCM/CUCN/IMP OS administration

Navigate to Security -> Certificate Management

Click Find and select the tomcat.pem cert and click Download.

Upload this cert to the Expressway.Maintenance ->Security certificates ->Trusted CA certificate.

Repeat this process for all servers.

From Expressway, 

Navigate to Maintenance ->Security certificates -> Server certificate.

Click on SHow Pem file and copy the contents into a text file. Rename the extension of this text file to .pem and upload it back to the tomcat trust section of each of the applications.

 

HTH

Please rate useful posts.

View solution in original post

3 Replies 3

George Thomas
Level 10
Level 10

Hello,

I dont have a process document but these are the basic steps:

Navigate to CUCM/CUCN/IMP OS administration

Navigate to Security -> Certificate Management

Click Find and select the tomcat.pem cert and click Download.

Upload this cert to the Expressway.Maintenance ->Security certificates ->Trusted CA certificate.

Repeat this process for all servers.

From Expressway, 

Navigate to Maintenance ->Security certificates -> Server certificate.

Click on SHow Pem file and copy the contents into a text file. Rename the extension of this text file to .pem and upload it back to the tomcat trust section of each of the applications.

 

HTH

Please rate useful posts.

Thanks, I was on the right track then, just wasn't sure as it wasn't documented anywhere.

Thank you George for that short, but very informative post.

Exactly what I just need!