cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1582
Views
0
Helpful
2
Replies

Expressway Cert Expiry Procedure

Derek McCormick
Level 1
Level 1

Hi,

My Expressway certificates are about to expire.Just wondering is there a way of adding new certs without causing an outage. Is it possible to use the original CSR requests to generate new CA signed certs or do i need to generate new CSR requests on the Expressways. I am conscious that if I generate a new CSR, the expressways will not work until the new certs are uploaded. I am trying to minimize downtime.

Thanks,

Derek

2 Replies 2

Jonathan Robb
Cisco Employee
Cisco Employee

Hi Derek,

If you have an existing Server Certificate and you click through to generate a new CSR, the existing server certificate will continue to work.

It will place the CSR and new private key into a separate folder on the system from your current Server Certificate and current Private Key until the signed certificate is uploaded. It will then copy the new certificate you upload and new private key it stored over the top of the old server certificate and old private key.

This document should cover most of the caveats you may be looking for:

http://www.cisco.com/c/dam/en/us/td/docs/telepresence/infrastructure/vcs/config_guide/X8-8/Cisco-VCS-Certificate-Creation-and-Use-Deployment-Guide-X8-8.pdf

-Jonathan

thanks for the response. that doc is very helpful;