cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1457
Views
30
Helpful
7
Replies

Calling in Webex (Unified CM) - Internal registration

Carlos Olortiga
Level 1
Level 1

Hi Guys,

Im deploying Calling in Webex (Unified CM), we have Jabber solution deployed and working fine. So I can register my Webex Client in CUCM from Internet through the Expressways (MRA) but when I try to register in the internal network, it doesnt work. I think it is because Webex client ask for an public certificate, but CUCM servers dont have it.

I am right? Is a public certificate required? Is there an option to Webex client accept the autosigned certificates?

Thanks

Carlos Olórtiga

7 Replies 7

Vaijanath Sonvane
VIP Alumni
VIP Alumni

Hi @Carlos Olortiga,

Please review certificate requirement section from deployment guide:

https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cloudCollaboration/wbxt/ucmcalling/unified-cm-wbx-teams-deployment-guide/unified-cm-wbx-teams-deployment-guide_chapter_011.html#id_107860 

This should resolve your issue.

 

 

Please rate helpful posts and if applicable mark "Accept as a Solution".
Thanks, Vaijanath S.

tschafferx
Level 1
Level 1

Hi Carlos,

 

you could try the following:

 

To establish a secure connection with Unified CM, Webex validates the certificate that is presented by the server during the connection process. Unlike Jabber, Webex does not prompt users with the option to accept an untrusted certificate.

Unified CM must be configured with certificates that Webex can validate, preferably a CA root that signed the tomcat certificate (which is known to the operating system that Webex is on, Windows or MacOS by default). or a self-signed trusted certificate (which must be deployed to the OS in advance by the enterprise administrator).

 

I highlighted the interesting part for you. Maybe you don't have the self signed certificate in your local OS trust store. If not you could try to upload it. Of course it is always recommended to deploy CA signed certificates.

 

Regards Thomas

As @Roger Kallberg you don't need to have a public signed certificate.

 

What popup you received, certificate warning or certificate expired message ?  



Response Signature


I get this message. It is in spanish, It say "No service detected because no acceptable certificate in server"

 

Thanks

It does not need to have public signed certificate, you can use internally signed certificates. Aka certificates in CM that are signed by an internal CA.

For details on certificate handling please see this document that I wrote on the topic. Cisco UC Certificates Renewal Guide 



Response Signature


Ok, so certificates signed by an internal CA is acceptable. Are autosigned acceptable too?

Not sure if I fully understand what you mean by auto signed certificates. Would you mind to please elaborate!



Response Signature