Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

CUCM and IM&P Certificate Management 10.5

The CUCM OS Administration guide lists the CSRs for Cisco Unified Communications Manager, Tomcat, and IPsec use the following extensions:

 

This is updated from previous releases and I need to know if this is actual or a typo. Most all of our customers use a Microsoft Certificate authority internal to sign tomcat. 

 

 

The "Key Usage" doesn't look correct. Using a Microsoft CA the documentation should show "Key Encipherment, Data Encipherment OR Key Agreement". You don't get a choice to do all three, you must choose Key Agreement or Key Encipherment. 

 

 

Now there is a 5th key usage listed in the documentation "certificate sign". How do I add this because a certificate for signature and encryption is not going to be enabled for certificate signing purposes. 

 

 

I need to figure out these requirements ASAP because of a tight roll-out on the Jabber and needing signed certificates to eliminate the certificate prompts. I want to make sure my certificate requests are proper. 

 

 

Thanks!

1 REPLY
New Member

Joshua,I'm going through

Joshua,

I'm going through exactly the same issue - correctly selecting Key Usage on our Microsoft CA to match CUCM 10.5 certs.  How did you resolve this?

Thanks,

Oskar

 

186
Views
0
Helpful
1
Replies