Use wildcard certificate with CUCM Server?

Answered Question
Oct 21st, 2009

Customer wants to use their Verisign wildcard certificate for the Tomcat cert on the CUCM servers, will this work?

I have this problem too.
0 votes
Correct Answer by htluo about 7 years 1 month ago

Wild card certificate is not supported by CUCM (or CER, or CUPS, or CUMA).

But they do support "alternative name" in certificates.

Michael

http://htluo.blogspot.com

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
htluo Wed, 10/21/2009 - 16:38

Wild card certificate is not supported by CUCM (or CER, or CUPS, or CUMA).

But they do support "alternative name" in certificates.

Michael

http://htluo.blogspot.com

MARK BAKER Mon, 11/16/2009 - 10:59

HTLuo,

I came across your response while trying to find out if Unity Connection supported wildcard certs. When I try to load one, I get name on certificate does not match server name. unitycnx.sample.com does not match *.sample.com.

Since our Cisco remote access VPN supports wildcard masks, I am not sure why the Unified Communications equipment does not. I would like to submit this to Cisco as a feature request. Can you think of a reason why Cisco would not or can not add this feature?

I also enjoyed your CUPS book! Do you have any plans on writing a basic book for UCCX? This is a complicated subject, but I'm sure your straightforward writing style would allow anyone to come up to speed on the basics.

Thanks,

Mark

htluo Mon, 11/16/2009 - 14:11

I really can't find a reason why wildcard cert is not supported. It's so common in the field. I would recommend you submit a feature request. Maybe the development team is just waiting for enough votes to proceed. :)

Regarding UCCX, I wish I had written the book while I'm in UCCX team. It would have been much more easier. UCCX 8 is supposed to be on Linux platform. I guess I would write a book then (if my boss can spare me some time) :)

Michael

ffischer Wed, 12/08/2010 - 06:09

Having a customer asking for that as well,

another vote from me for suporting wildcard certificates !

Another thing is:

I did not yet find a way to import and use completely externaly generated certs

(including their public& private keys) and use them i.e. as

TLS Server Cert for the management tomcat server.


The only thing I found in the WebGUI was generating a CSR...

Did I miss something ?

Frank

Sorry, but I am often dealing with Cisco ASA firewalls and IOS Routers,

where this has been possible for years now ..

Actions

This Discussion