06-19-2012 01:37 AM - edited 03-19-2019 05:07 AM
Hi community,
I will need to configure SSL on two Cisco Unified MeetingPlace Application (Release 8.5.4) servers running in failover mode. Will it be sufficient to generate the CSR on the active node, then obtain the certificate from the CA and upload the certificate on the active node?
Or do I have to go through the process two times, i.e. for each server? (configuring SSL on node 1 (active), then performing manual switchover to node 2 and configure SSL there)
I am looking forward to hearing from you!
Kind regards,
Igor Lukic
06-25-2012 02:42 PM
I found a note in the restrictions documentation: (I know the document states MP7.1, but the same applies for MP8.5) http://www.cisco.com/en/US/docs/voice_ip_comm/meetingplace/7_1/english/a dministration/failover_application_server_config.html#wp1056692 If you are using SSL on your system, you must manually transfer all files in the following directories from the active server to the standby server: -/usr/local/enrollment (for Application Server SSL and single sign-on authentication for users who schedule meetings from Microsoft Outlook) -/opt/cisco/meetingplace/web/current/etc/conf/ (for Cisco WebEx integration) Copy the files by using the failoverUtil copyConfigFiles command and restore files by using the failoverUtil restoreConfigFiles command. This means, after you have your certificates, you would need to upload the new certificate & private key to the primary server to enable SSL(services will re-start) then copy the contents of the files noted above to the standby server. This way, when/if you failover the new SSL information will be used.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide