Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Delete CAPF certificate

Friends,

Recently, we had an issue in the CUCM cluster as one of the Callmanager-trust certificate was expired and we didn't notice. We had to raise a TAC to regenerate it. Now the cluster is working fine but we are getting alerts on the certificate which was expired. We need to delete that. I need to know, deleting that particular expired certificate will have any impact?

 

CUCM v9.1.2.12024-1

Mohsin.

Everyone's tags (2)
1 REPLY
VIP Super Bronze

CAPF is only used in a mixed

CAPF is only used in a mixed-mode cluster where you are using a CTL file and doing authentication or encryption with endpoints and trunks. If your cluster shows Cluster Security Mode = 0 under System > Enterprise Parameters, then you are not doing this and the CAPF process is irrelevant. In that case, it shouldn't even be activated in fact.

If you are running in mixed mode then you need to proceed far more cautiously. This is the certificate that signed all endpoint LSCs and needs to be very carefully replaced. The Security Guide would be a good place to start understanding this feature.

148
Views
0
Helpful
1
Replies
CreatePlease to create content