cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
661
Views
0
Helpful
2
Replies

UCSC 3rd party certificates, subordinate CA

Raphael
Level 1
Level 1

Hello everybody

Has anyone set up a UCSM and UCSC both with 3rd party certificates? (using Microsoft Certificate Server)
UCSC = UCS Central

 

In the documentation, it says that one needs to create a certificate with the usage "certificate signing". One has to create the new cert for UCSC with the template "subordinate certification authority".

http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-central/users-manual/1-2/b_CiscoUCSCentral-Software-UserManual-Release1-2/b_CiscoUCSCentral-Software-UserManual-Release1-2_chapter_011.html#concept_5CDA8BD5B53B457AB9F62D3041AA5A01

 

So if I understand that correctly, then we basically create a new Sub CA, just for UCSC. Is that correct?

Does anyone know more details about that?

What are the implications of doing that? The customer is a bit anxious about that. Is it no problem at all or is it necessary to involve a MS expert for proper setup and configuration regarding all the rest of the PKI?

 

Any help in insight is very much appreciated.

Thank you :-)

2 Replies 2

Walter Dey
VIP Alumni
VIP Alumni

Do you know

19. Appendix I (Certificate Troubleshooting)

https://communities.cisco.com/docs/DOC-35264

UCS Central Best Practice Guide --- Updated for Release 1.2(1a)

Hello Walter

Thank you for the input but that document does not help. It checked it before posting.

Right now in UCSC 1.2 when using 3rd party certs with an Enterprise CA, you really need a special cert for UCSC with the capability of certificate signing.

The other option is to stick with the default built in cert.

Review Cisco Networking for a $25 gift card

Review Cisco Networking for a $25 gift card