Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Jabber Guest - Expressway Edge Cluster TLS

Hello all,

 

For a customer I am deploying the following:

(2) Expressway Core

(2) Expressway Edge

(3) Jabber Guest Server

 

The Expressway Edge cluster will have dual-NICs and the 2nd NIC will not be NAT - it will have a public IP.

 

In the deployment guide for Jabber Guest 10.5 for configuring the Jabber Guest server signaling and media, it states to obtain the Cisco Expressway-E certificate authority certificate for TLS signaling.

 

I assume this means I just need to install the CA Root/Intermediate certificate that issued the Expressway-Es certificates as a Secure SIP Trust Certificate?

Can I manually stack the intermediate and root to one single PEM file to upload?

 

Since the Expressway-Es are clustered and the certificate does specify the cluster FQDN along with all the peers as a SAN, I didn't think I would upload just one of the Expressway-Es certificate as a Secure SIP Trust Certificate on the Jabber Guest servers.

 

Any help is greatly appreciated!

Everyone's tags (2)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Hi Daniel,Installing the CA

Hi Daniel,
Installing the CA Root or intermediate cert on the JG server as the secure SIP trust cert should work fine, no need to stack the certs.
Alternatively, if the signed cert has the peers in the SAN, that should work too, but I have not explicitly done that.

 

-mike

1 REPLY
Cisco Employee

Hi Daniel,Installing the CA

Hi Daniel,
Installing the CA Root or intermediate cert on the JG server as the secure SIP trust cert should work fine, no need to stack the certs.
Alternatively, if the signed cert has the peers in the SAN, that should work too, but I have not explicitly done that.

 

-mike

247
Views
0
Helpful
1
Replies
CreatePlease to create content