cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Walkthrough Wednesdays
8235
Views
0
Helpful
2
Replies
xc3ss1v30n3
Beginner

Possible to use SHA-2 certificates

Good morning... Our SSL certificates are beginning to expire and with the renewal process, we're also upgrading to the SHA-2 standard. Unbeknownst to me, CUCM doesn't (natively?) support SHA-2 and I unfortunately generated CSR's already, which of course has broken the certificate chain giving me a nice red bar in my browser when connecting to the web interfaces for management.

I don't doubt that I'm simply missing something, but as it stands, I can only get CUCM to upload root and intermediate certificates that are using SHA-1. The individual cert signed by the CA is using SHA-2 and obviously will not upload because I can't get the root and intermediate certs using SHA-2 into the trust-store.

Is there a workaround for this? A patch maybe? Or, do I have to revoke the new SHA-2 cert and renew using SHA-1?

Thank you.

2 REPLIES 2
keglass
Rising star

Michael,

I am checking with a Cisco technical expert regarding your issue. In the meantime, I recommend you look into the information in the Support Community regarding SSL and SHA certificates. You could also post this there for more feedback and information.

Cisco Support Community

Hope this helps.

Kelli Glass

Moderator for Cisco Customer Communities

Can you please specify which CUCM Release ? What kind of error are you seeing when uploading sha-2 cert ?

Content for Community-Ad

Spotlight Awards 2021