CUCM Certificate errors

Unanswered Question
Mar 17th, 2010

We have a large WAN with no internet connection running CUCM for both VoIP and Telepresence, and every time we open CUCM (either VoIP or TP cluster) in Internet explorer or Firefox, a certificate error is generated as it can't verify the website's certificate because it can't get on the internet.  This also occurs when browsing to Telepresence units, CTMS and CTM.


Is there a  way we can stop them generating these errors?  It makes administering our Unified Comms environment much slower.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Aaron Harrison Thu, 03/18/2010 - 01:56

Hi


It's nothing to do with being able to get on the Internet.


The certificate supplied to your browser when you connect to CCM is issued by CCM itself during the install; so it isn't trusted by the browsers.


If you want browsers to trust it:


1) You need to get a certificate issued to the server by a commercial CA (i.e. verisign or other), OR you need to establish an internal CA, distribute the trusted root certificate to all your client PCs, and then use the internal CA to generate a certificate for your CCM.

2) You need to be browsing to the server by name rather than IP, and this name must match the name in the certificate in order for it to be validated.


An internal CA is typically the cost-free option, and if you have MS AD you can create a CA which and automatically distribute the trusted root certificate through AD.


Regards


Aaron


Please rate helpful posts...

Actions

This Discussion