Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2417
Views
0
Helpful
2
Replies

Urgent - CUCM Encryption questions

Priyaranjan Jha
Level 1
Level 1

‎05-07-2010 07:19 AM - edited ‎03-19-2019 12:54 AM

I have gone through the CUCM Security guide and a few more docs. I have not been able to find the answers to all the questions anywhere. I need you help find answers to the questions colored green.

Scenario - At this moment VoIP is not encrypted. (CUCM 6.1 with around 1000 devices). The customer is going to setup a Windows-PKI and they want already to know what specifications Cisco is demanding from such a PKI (so that they later easily can integrate their Cisco VoIP solution in their 'new' network) What encryption length are supported (2048 or 4096 bit ?)

- Based on CUCM security docs it appears to be 512, 1024 or 2048

[My Answer] This answer is correct. Here’s the information from the CUCM 7.x Security Guide:

(Page 84) Key Size - For this setting that is used for CAPF, choose the key size for the certificate from the drop-down list box. The default setting equals 1024. Other options include 512 and 2048.

What Hash-algorithms are supported (SHA-1, SHA-256, SHA-512, ...) ? -

- Based on the CUCM Admin guide I was only able to find SHA-1 and MD-5

[My Answer] This is also true. MD5 is used as a Hash function which is used with encryption. SHA-1 hashed password and PIN in credential table for end users. 1024-bit RSA Public Keys, digital signatures use SHA-1 with RSA.

Need answer to these 4 questions:

How long can the certificate chain be (how many different levels are supported) ?

How can you get certificates on end devices which aren't part of an Active Directory ?

How to you 'connect' a Cisco Telephony system to a Windows-PKI ?

Is there a checklist in which the points which should be considered are specified?

Please share your opinions. Any help would be appreciated.

Thanks & Regards,

PJ
Technology Solutions Network

Labels:
0 Helpful
2 Replies 2

David Hailey
VIP Alumni
VIP Alumni

‎05-07-2010 10:42 AM

Take a look here and see how many of your questions are answered:

http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/security/7_0_1/secugd/secuview.html

Hailey

Please rate helpful posts!

0 Helpful

Priyaranjan Jha
Level 1
Level 1

‎05-11-2010 06:33 AM

Hi David,

I have referred to this guide earlier but I can't find such details in here. I have only found answer to the first 2 questions and rest still stand unanswered.

Thanks,

PJ

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents