08-31-2009 08:24 AM - edited 03-18-2019 10:33 AM
Hello,
I have a CUCM 6.1.3 cluster. I would like to generate a custom certificate for tomcat service in order to control warnings in the CCMUser webpage.
I followed the Security guide:
1. Generated a CSR.
2. Downloaded it.
3. Generated a certificate thanks to a CA.
4. Uploaded the tomcat-trust CA certificate.
5. Uploaded the issued CUCM certificate.
6. Restarted the Tomcat service.
Everything is working:
- The new SSL certificate is the new one I uploaded, trusted by my own CA (checked in the cert properties).
This new certificate contains a CN equals to "hostname.domain name given during the installation" (ie. cucmlab.voip.local).
Now, I would like to give to users a user-friendly URL like "myphone.corpo-domain.com" resolved by the DNS to my CUCM first node.
But I don't know how. The generated CSR contains automatically a default CN built with the hostname of the node and the domain name given during installation. I cannot specify a custom CN like "myphone.corpo-domain.com".
Is there a solution to force the CN or the CSR in order to generate a certificate in relation with the user-friendly URL?
Thank you for your help.
Yorick
08-31-2009 10:53 AM
Hi,
It sounds like you will need to issue a certificate that contains Subjet Alternate Names; or a SAN certificate to accomplish this. It allows you to have multiple names in one web certificate. Just do a search for creating SAN certificates in google and you will get tons of info.
08-31-2009 10:55 PM
Hi,
I think you are right, SAN certificate is the solution of our needs.
I did some searches on the NetPro forum and apparently there is a command to add an Alternate Name to the CSR: "set web-security alternate-host-name hostname".
Unfortunately, this command seems to be present only from the 7.0 versions and I run a 6.1.3 version...
If someone knows a workaround, customer will keep the certificate error messages until he will upgrade to 7.1. :(
Bad news.
Yorick
10-22-2009 07:02 AM
will this work for 4.1.3 also?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide