Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

J4W 9.2.6 and Jabber for Mobile 9.6 : Certificate Management

Hello,

I have deployed 2 Cisco IM & P servers 9.1.1. When client jabber log in, the server presents 3 certificates (IM&P Pub, IM&P Sub, CUCM) to be validated and saved in local trust store.

What are the certificates that I have to sign against the Private CA ? Or Do I only upload Root CA of the company into IM&P servers ?

2 REPLIES

Re: J4W 9.2.6 and Jabber for Mobile 9.6 : Certificate Management

Hi Driss,

Per my understanding the certificates that are presented are the Tomcat self-signed Certificates that are created during CUPS Pub&Sub and CUCM installation.

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/jabber/Windows/9_2/JABW_BK_C9731738_00_jabber-windows-install-config/JABW_BK_C9731738_00_jabber-windows-install-config_chapter_01001.html

Here I see you have 3 options:

a) Complex: Install thirdparty certs in your CUCM/CUPS servers, those certs should be issued by a Certificate Authority which root certificate is already part of your Truststore in Mobile client (Example: Verisign, Godaddy, etc.)

This process in CUCM/CUPS has been there for a while, you can look up how to install third party certs for CUCM/CUPS. Process is very straight forward, you generate a CSR (Tomcat), provide the CSR to your CA and then obtain the new cert, once you have the new cert, import it to your CUCM. The CA must be a trusted one by your clients (Example: Verisign, Godaddy, etc)

b) Simple: Import those default Tomcat CUCM/CUP self-signed certificates into your Desktops/Mobile clients trust store.

c) Annoying: Educate users to select Accept certificates

-Gonzalo

New Member

Re: J4W 9.2.6 and Jabber for Mobile 9.6 : Certificate Management

Hi Gonzalo,

Thank you for your reply. I'm trying to execute the first action plan. But, I'm facing some issues that I'm trying to resolve with TAC. Once finished, I will update the post.

Thanks

Driss

419
Views
0
Helpful
2
Replies
CreatePlease to create content