Re: [cisco-voip] CUCM 11.5 Tomcat Service SSL Certificate Issue

2017-05-17 Thread Heim, Dennis
From: cisco-voip [mailto:cisco-voip-boun...@puck.nether.net] On Behalf Of Gary Parker Sent: Wednesday, May 17, 2017 4:21 AM To: NateCCIE Cc: cisco-voip@puck.nether.net Subject: Re: [cisco-voip] CUCM 11.5 Tomcat Service SSL Certificate Issue > On 16 May 2017, at 21:22, NateCCIE wrote: > > I don&

Re: [cisco-voip] CUCM 11.5 Tomcat Service SSL Certificate Issue

2017-05-17 Thread Gary Parker
> On 16 May 2017, at 21:22, NateCCIE wrote: > > I don't think you can upload a cert unless there is an active CSR for it. Correct: the CSR gets removed when you install a server cert that matches it. Brian > looking at 'OS Administration -> Security -> Certificate Management' I can see the

Re: [cisco-voip] CUCM 11.5 Tomcat Service SSL Certificate Issue

2017-05-16 Thread NateCCIE
I don't think you can upload a cert unless there is an active CSR for it. Sent from my iPhone > On May 16, 2017, at 2:12 PM, Brian Meade wrote: > > You can re-install the same certs. Just make sure to do the trusts, Root then > Intermediate then do the server cert and restart services. Unfo

Re: [cisco-voip] CUCM 11.5 Tomcat Service SSL Certificate Issue

2017-05-16 Thread Brian Meade
Maybe this? run sql select servername,subjectname,issuername from certificate On Tue, May 16, 2017 at 4:12 PM, Brian Meade wrote: > You can re-install the same certs. Just make sure to do the trusts, Root > then Intermediate then do the server cert and restart services. > Unfortunately, I don't

Re: [cisco-voip] CUCM 11.5 Tomcat Service SSL Certificate Issue

2017-05-16 Thread Brian Meade
You can re-install the same certs. Just make sure to do the trusts, Root then Intermediate then do the server cert and restart services. Unfortunately, I don't think it shows the root certs anywhere. Maybe in the certinfo table? On Tue, May 16, 2017 at 4:05 PM, Gary Parker wrote: > > > On 16 Ma

Re: [cisco-voip] CUCM 11.5 Tomcat Service SSL Certificate Issue

2017-05-16 Thread Gary Parker
> On 16 May 2017, at 20:42, Brian Meade wrote: > > Did you make sure to upload those certs in the right order so CUCM was able > to chain them? I’ve a feeling that may be the issue. Certs were installed towards the end of a very long weekend upgrading the cluster and I was losing consciousne

Re: [cisco-voip] CUCM 11.5 Tomcat Service SSL Certificate Issue

2017-05-16 Thread Brian Meade
Did you make sure to upload those certs in the right order so CUCM was able to chain them? On Tue, May 16, 2017 at 3:32 PM, Gary Parker wrote: > > > On 16 May 2017, at 19:27, Charles Goldsmith > wrote: > > > > In addition to what Nate stated, the CCMCIP profile needs to be FQDN as > well. > > >

Re: [cisco-voip] CUCM 11.5 Tomcat Service SSL Certificate Issue

2017-05-16 Thread Gary Parker
> On 16 May 2017, at 19:27, Charles Goldsmith wrote: > > In addition to what Nate stated, the CCMCIP profile needs to be FQDN as well. > > On Tue, May 16, 2017 at 1:21 PM, NateCCIE wrote: > Are you using cuplogin or cisco-uds for discovery now? If your UC services > or system/server is not f

Re: [cisco-voip] CUCM 11.5 Tomcat Service SSL Certificate Issue

2017-05-16 Thread Charles Goldsmith
In addition to what Nate stated, the CCMCIP profile needs to be FQDN as well. On Tue, May 16, 2017 at 1:21 PM, NateCCIE wrote: > Are you using cuplogin or cisco-uds for discovery now? If your UC > services or system/server is not fqdn and is IP address then the client > will complain about the

Re: [cisco-voip] CUCM 11.5 Tomcat Service SSL Certificate Issue

2017-05-16 Thread NateCCIE
Are you using cuplogin or cisco-uds for discovery now? If your UC services or system/server is not fqdn and is IP address then the client will complain about the cert unless the ip is listed as a SAN. If cup login make sure your tftp server is fqdn over in IM&P. Sent from my iPhone > On May

Re: [cisco-voip] CUCM 11.5 Tomcat Service SSL Certificate Issue

2017-05-16 Thread Brian Meade
Do you see the full chain in just a web browser? My experience has shown it will show the full chain as long as you upload Root then Intermediate as a trust then server cert so it can find the full chain. Older versions had you manually specify the root cert when uploading but now this is searche

[cisco-voip] CUCM 11.5 Tomcat Service SSL Certificate Issue

2017-05-16 Thread Gary Parker
Afternoon all, I’ve got a problem here with Jabber and CUCM SSL certificates. Basic question: should the tomcat service on CUCM 11.5, with an installed CA root, intermediate and server certificate, be offering a full certificate chain on connection (in our case root, intermediate and server cert