As some of you may already know as of Jabber version 9.2.5 the client force’s Certificates. If there is not a Certificate that is signed by a trusted CA, then the self-signed Cert is used.
There is no way that I have found to get around this unfortunately and the end result is the first time Jabber client is launched on a PC the person must accept in my case 7 certificate warnings (2xUCM,2xCUC,2xIMP,1xCWMS) that the host it’s connecting to is using self-signed Certs.
You have 3 options to avoid this
Stay on version 9.2.4 for the rest of your life, or until Cisco makes this an option we can opt out of
Deploy the 7 self-signed certs out to all the PC’s (not sure why this is even a real option!!!!)
Lastly you can generate CSR requests from CUCM, CUC, IMP and CWMS servers to be signed by a trusted CA
I will set the record straight first. I know very little about Cert's except the fact I dont' like working with them.
Now for my questions: I have 3
There are dozens of Cert providers out there, how do I find a LIST of CA’s that the application servers above already trust so I can avoid deploying ROOT CA’s as well to my Applications servers and PC's?
I'm following the guild below, in it there is a section called "What methods are available for certificate validation?
We use the Last jabber 9.6 Build. To avoid the cert question we use dring the Installation the following switches, the cert Switch is here the Import Switch..
msiexec.exe /i CiscoJabberSetup.msi CLEAR=1 AUTHENTICATOR=CUP CUP_ADDRESS=vCUPPUB1.example.com SERVICES_DOMAIN=example.com CERTIFICATE_VALIDATION=DISABLE
You have reached the Cisco Logistics Support Center.. To Check Status of
your RMA, visit Product Returns & Replacements (RMA). Need help? Contact
us by Phone or Email. North Americas Phone: 1800 553 2447 Option 4
Email: email@example.com Europe Phone: +3...
The short answer is that you don't.... That isn't entirely true while at
the same time it kind of is, but for the most part you don't configure
the softkeys. You enable or disable them via TCL. Here is the long
answer. Be sure to read the whole thing or e...
Topology: IP Phone > Switches > Microsoft NPS setup to forward 802.1x
proxy to > ISE 2.1 patch 3 Authentication: EAP-TLS using Cisco MIC SANs
Phone Models 802.1X support? 802.1x flavor Addtl Comment EAP-MD5 EAP-TLS
Cisco 3905 Y Y N Cisco 6911 Y Y N Cisco ...