Hi All UC Experts,
I just deployed the Expressway VPN-less Jabber solution on my Cisco UC environment. I am thinking the Managing Certificate Revocation Lists (CRLs). Actually, I have not the much more experience about the CRL deployment.
The Cisco Guide just introduced the CRL: http://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/expressway/config...
Now, I am using the OpenSSL CA, which is the self-CA for internal usage only.
1. Can I prevent from the cert. error when the users access the Expressway-Edge as using the internal OpenSSL CA? Will not prompt the cert. error if the (CN="Expressway-Edge Public FQDN")?
2. How can I do the best CRL? Actually, the all users would use the Exchange addresses as the login. Should I use the Windows Cert. Server to make the CRL? Is it the CRL controlled by per devices? That mean one user will use the one or more mobile devices, then the admin can revoke the login per device?
3. I discovered the Jabber Client would lock the local cache on the mobile device / Windows PC. Can I make the local cache encryption?