Hi
Getting a cert uploaded is a three-step process.
1) Go to OS admin, and generate a CSR (Certificate Signing Request) for the tomcat service.
2) Take the CSR to your cert server/provider, and get a cert issued. If it's a cert provider that isn't well known, or is an internal server to your organisation, then you will probably need the root cert and any intermediate certificates.
3) Upload the root cert to the OS Admin page where you got the CSR from. Also upload intermediate and root certs.
Restart the server (or just the tomcat server 'utill service restart cisco tomcat' from the server CLI) for it to take effect.
It's all detailed in the OS Administration guide for your version of CUCM.
There's a few other things you should know about SSL in general:
- SSL is meant for encrypting traffic, which it does if you connect to a https: URL.
- The other part is that it authenticates the server - i.e. assures it is the server it says it is. As such, you will ALWAYS get a cert error if you connect to the server using https://ipaddress, or an alias for the server such as https://phonesystem.
So make sure you are using the server's hostname when connecting after loading the cert and restarting.
Aaron
Regards
Please rate helpful posts...
Aaron
Please remember to rate helpful posts to identify useful responses, and mark 'Answered' if appropriate!