cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
982
Views
15
Helpful
2
Replies

Jabber 9.7 certificate validation

ryan_oconnell
Level 3
Level 3

Hello all,

 

I'm trying to get Certificate validation working with J4W 9.7 using IMP v9.1. I was able to get all the Tomcat certs working but struggling on the xmpp cert.

I'm following this guide 

http://www.cisco.com/c/en/us/support/docs/unified-communications/unified-presence/116917-technote-certificate-00.html

I have the following questions in relation to xmpp cert

 

  • when i create the CSR do i use cup-xmpp or do i use cup-xmpp-s2s ?
  • The document in the URL above references near the bottom "Provide XMPP Domain to Clients" if our environment uses the same "presence domain" that the server is in I presume i leave this section blank? Example our presence domain is .example.local and the presence server is in "example.local" both nodes in the cluster are using FQDN of "server.example.local"

Thanks

 

 

2 Accepted Solutions

Accepted Solutions

bernhardczapp
Level 4
Level 4

CSR for cup-xmpp has to be used.

cup-xmpp-s2s is "server to server" communication for inter domain federation.

 

The domain part is very important.

XMPP server certificates have to contain the jabber domain.

If your IM&P server is cups1.example.local and your presence domain is example.local the jabber id will be like user1@example.local. When Jabber connects to the xmpp server the certificate has to be valid for "example.local". A certificate which is only valid for cups1.example.local will create a validation error.

View solution in original post

RAJAMANI Nallakaruppan
Cisco Employee
Cisco Employee

You would need to generate the CSR for cup-xmpp

 

Refer to this doc for more info http://www.cisco.com/c/en/us/support/docs/unified-communications/unified-presence/116917-technote-certificate-00.html

View solution in original post

2 Replies 2

bernhardczapp
Level 4
Level 4

CSR for cup-xmpp has to be used.

cup-xmpp-s2s is "server to server" communication for inter domain federation.

 

The domain part is very important.

XMPP server certificates have to contain the jabber domain.

If your IM&P server is cups1.example.local and your presence domain is example.local the jabber id will be like user1@example.local. When Jabber connects to the xmpp server the certificate has to be valid for "example.local". A certificate which is only valid for cups1.example.local will create a validation error.

RAJAMANI Nallakaruppan
Cisco Employee
Cisco Employee

You would need to generate the CSR for cup-xmpp

 

Refer to this doc for more info http://www.cisco.com/c/en/us/support/docs/unified-communications/unified-presence/116917-technote-certificate-00.html

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: