10-03-2011 07:44 AM - edited 03-19-2019 03:42 AM
Hi,
I am trying to connect CUC 8.5.1.12900-7 to Exchange 2010 using Basic authentication with SSL.
I am having problems when I get to the test user stage and think the problem may be caused by certificates.
To obtain the certificates that I have installed on CUC I got one of the users to connect to OWA and then exported the certificates associated with the connection and then loaded then onto CUC - is this the right way to do it? - there does not seem to be any documentation that covers this in detail.
Can anyone point me in the right direction or at least let me know how to troubleshoot the problem?
Thanks
Solved! Go to Solution.
10-03-2011 08:23 AM
You want to export the root CA certificate from OWA and import it to both the tomcat-trust and connection-trust stores. When I did this last week on 8.6(1)a I did not have to restart Tomcat although that has been required in the past. You can spot the root CA certificate by choosing the Certificate Path tab, selecting the highest certificate in the chain, opening it, select the Details tab, and click Copy to File. When you save it you will want the Base-64 encoded file and need to manually change the file extension from .CRT to .PEM.
Additionally, you can rule SSL out by unchecking the Validate Certificates for Exchange Servers checkbox. This will allow the SSL session even if the certificate fails validation.
Other issues I have seen:
10-03-2011 08:16 AM
Hi,
Just checked my config and found that Basic authentication was not enabled on Exchange EWS
Just for info the certificates that I got by getting a user to connect to OWA worked just fine - I got the idea from Michael Luo's excellent boo on Presence - thanks Mike
10-03-2011 08:23 AM
You want to export the root CA certificate from OWA and import it to both the tomcat-trust and connection-trust stores. When I did this last week on 8.6(1)a I did not have to restart Tomcat although that has been required in the past. You can spot the root CA certificate by choosing the Certificate Path tab, selecting the highest certificate in the chain, opening it, select the Details tab, and click Copy to File. When you save it you will want the Base-64 encoded file and need to manually change the file extension from .CRT to .PEM.
Additionally, you can rule SSL out by unchecking the Validate Certificates for Exchange Servers checkbox. This will allow the SSL session even if the certificate fails validation.
Other issues I have seen:
10-03-2011 09:28 AM
Hi Jonathan,
Thanks for your response - really useful information.
Is there any way of verifying that my setup is using SSL?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide