We have a customer, that have a large CUCM cluster, where most of the self-sighed certificates has expired. :-/
I know that we need to regenerate the certificates outside normal business hours, but the customer is running a 24 hour operation.
So we would have to break this down in small bits, because we have about 10K phones in the cluster.
We are not running in Cluster Secure Mode, and there's no phones connected to the Publisher. They are only connected to the subscribers.
So could we start with regenerating the certificates on the publisher without every phone rebooting?
And then take every subscriber one at the time within a scheduled maintenance window?
It's all the certificates that need to be regenerated. Callmanager, TVS, IPsec etc etc.
CUCM version is 10.5.2