cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
977
Views
0
Helpful
4
Replies

CUPS - Enabling DNS for Certificates to support E2K7

btmulgrew
Level 4
Level 4

Hi - We have been having some issues with our customer's E2K7 / W2K8 calendaring integration with CUPS 7.0.4.  It looks as though E2K7 installs a self signed cert in it's store as part of the install for client email access.  This cert CN, however, is based on the DNS name (e.g. E2K7) and not IP and we do not have DNS client enabled on our CUPS server (all UC comms is usig IP addresses).  My question is, what is the best way to get CUPS to resolve the E2K7 fqdn (e.g. E2K7.CISCO.COM) ?  Can we run the "utils network host" command and specifiy the fqdn, or do we need to use the "set network dns" as the internal nameservers and "set network domain" as the suffix (e.g CISCO.COM).  Also - would these commands have any impact on the CUCM connectivity / SIP Domain etc?

thanks in advance

Brian

1 Accepted Solution

Accepted Solutions

htluo
Level 9
Level 9

You need DNS for this integration.  It is because CUPS can only talks with Exchange via SSL.  And SSL requires the request URL match with the CN in the certificate.

As an (unusual) workaround, you may regnerate the Exchange certificate with IP address in subject name.

Michael

http://htluo.blogspot.com

View solution in original post

4 Replies 4

htluo
Level 9
Level 9

You need DNS for this integration.  It is because CUPS can only talks with Exchange via SSL.  And SSL requires the request URL match with the CN in the certificate.

As an (unusual) workaround, you may regnerate the Exchange certificate with IP address in subject name.

Michael

http://htluo.blogspot.com

btmulgrew
Level 4
Level 4

Thanks Michael - i was wondering what the best way to enable DNS on CUPS is and if it will impact other components such as the SIP domain / CUCM?

thks

You may use the command "set network dns primary".  It won't affect the function with CUCM.

Regards,

Michael

Hi Michael - apologies for being so pedantic here; I have configured the DNS as suggested and can resolve the E2K7 FQDN, but the cert CN is referred to as a hostname only. Is the only way to have CUPS assign the suffix to the hostname to use the "set network domain" command?  I am wary of running this due to the warning that appears and concerns of impact again on SIP domain settings.  We are running a single CUPS server.

thanks again

Brian

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: