Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
8610
Views
0
Helpful
2
Replies

Possible to use SHA-2 certificates

xc3ss1v30n3
Level 1
Level 1

‎01-07-2016 09:05 AM - edited ‎03-19-2019 10:33 AM

Good morning... Our SSL certificates are beginning to expire and with the renewal process, we're also upgrading to the SHA-2 standard. Unbeknownst to me, CUCM doesn't (natively?) support SHA-2 and I unfortunately generated CSR's already, which of course has broken the certificate chain giving me a nice red bar in my browser when connecting to the web interfaces for management.

I don't doubt that I'm simply missing something, but as it stands, I can only get CUCM to upload root and intermediate certificates that are using SHA-1. The individual cert signed by the CA is using SHA-2 and obviously will not upload because I can't get the root and intermediate certs using SHA-2 into the trust-store.

Is there a workaround for this? A patch maybe? Or, do I have to revoke the new SHA-2 cert and renew using SHA-1?

Thank you.

0 Helpful
2 Replies 2

keglass
Level 7
Level 7

‎01-08-2016 12:18 PM

Michael,

I am checking with a Cisco technical expert regarding your issue. In the meantime, I recommend you look into the information in the Support Community regarding SSL and SHA certificates. You could also post this there for more feedback and information.

Cisco Support Community

Hope this helps.

Kelli Glass

Moderator for Cisco Customer Communities

0 Helpful

Manish Joshi
Cisco Employee
Cisco Employee
In response to keglass

‎01-08-2016 01:36 PM

Can you please specify which CUCM Release ? What kind of error are you seeing when uploading sha-2 cert ?

0 Helpful
Customers Also Viewed These Support Documents