Digicert lets you put your domain and subdomains of any level as SANs. It’s great! They even generated a duplicate certificate for me with a different root CA that was supported with WebEx enabled Telepresence. We use their wildcard certificates on all of our UC servers.
From: cisco-voip [mailto:cisco-voip-boun...@puck.nether.net] On Behalf Of Heim, Dennis Sent: 15 July 2015 8:28 AM To: Ian Anderson; NateCCIE; Cisco VOIP Subject: Re: [cisco-voip] Digicert Wildcard certificates I’ve found the hardest thing to find a cert providers that likes putting the domain as a san such as DNS=mycollab.com. Has anyone found any providers that are kosher with that? From one of the Cisco Live sessions, I was told this is needed for service discovery to function properly. Dennis Heim | Emerging Technology Architect (Collaboration) World Wide Technology, Inc. | +1 314-212-1814 [twitter]<https://twitter.com/CollabSensei> [chat]<xmpp:dennis.h...@wwt.com>[Phone]<tel:+13142121814>[video]<sip:dennis.h...@wwt.com> “There is a fine line between Wrong and Visionary. Unfortunately, you have to be a visionary to see it." – Sheldon Cooper Click here to join me in my Collaboration Meeting Room<https://wwt.webex.com/meet/dennis.heim> From: cisco-voip [mailto:cisco-voip-boun...@puck.nether.net] On Behalf Of Ian Anderson Sent: Wednesday, July 15, 2015 10:18 AM To: NateCCIE; Cisco VOIP Subject: Re: [cisco-voip] Digicert Wildcard certificates On 15 July 2015 at 15:02, NateCCIE <natec...@gmail.com<mailto:natec...@gmail.com>> wrote: Did you put all of your SANs in the digicert page? z I have this working on all of my expressway installs. Hi Nate, Thanks for the quick response, just for preservation in the archives for future posterity and confirmation that digicert seems fine despite the warnings in the manuals, it seemed I was running into 2 separate issues. 1) I had uploaded the intermediate cert, but needed to manually download and upload the root CA 2) That then got me past the TLS error, only to find that I had fat-fingered the hostname in the SAN field :-( Cheers Ian The contents of this message may contain confidential and/or privileged subject matter. If this message has been received in error, please contact the sender and delete all copies. Like other forms of communication, e-mail communications may be vulnerable to interception by unauthorized parties. If you do not wish us to communicate with you by e-mail, please notify us at your earliest convenience. In the absence of such notification, your consent is assumed. Should you choose to allow us to communicate by e-mail, we will not take any additional security measures (such as encryption) unless specifically requested. If you no longer wish to receive commercial messages, you can unsubscribe by accessing this link: http://www.bennettjones.com/unsubscribe
_______________________________________________ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip
