cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
308
Views
2
Helpful
4
Replies

Expressway certificate requirement

Sabid C
Level 1
Level 1

Hi Team,

The UC setup we are using for B2B calls, the call flow is below-

VC endpoint - CUCM-EXP C- EXP E- Cloud

The Expressway is not in a cluster, only a single node is there.

Now for the above, which certificates are mandatory?

Thanks in advance.

 

Regards,

Sabid

4 Replies 4

b.winter
VIP
VIP

Private CA signed certificate for Exp-C, as Exp-C is in the internal network
and Public CA signed certificate for Exp-E, as Exp-E is reachable via Internet.
But this is the general rule. Doesn't matter which functions (B2B, MRA, ...) you use via the Expressways.

Add to the above point. 

you should be uploading 

on the Expressway E:

  1. Root and intermediary certificate used to sign the Expressway C certificate (generally private/internal CA) [Maintenance>> Security>>Trusted CA certificate]
  2. Signed certificate of expressway E [ Maintenance >> Security>> Server certificate]

on the Expressway C:

  1. Root and intermediary of the CA which used to sign the expressway E certificate 
  2. signed Expressway C certificate (private CA signed)

I am sure you are aware, but just in case

Regards

 

Apart from what you mentioned you also need to upload the CA certificate(s), root and any intermediate, of the CA that signed the certificate of the specific Expressway node, C or E, to the [Maintenance>> Security>>Trusted CA certificate] on each.

So this:

  1. Root and any intermediate certificate(s) used to sign the Expressway E certificate (generally public CA) [Maintenance>> Security>>Trusted CA certificate] on E
  2. Root and intermediate certificate(s) used to sign the Expressway C certificate (generally private/internal CA) [Maintenance>> Security>>Trusted CA certificate] on C


Response Signature


b.winter
VIP
VIP

@Sabid C Could your question be answered? If yes, I would appreciate an "accepted solution".