Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

CUCM Certificate errors

We have a large WAN with no internet connection running CUCM for both VoIP and Telepresence, and every time we open CUCM (either VoIP or TP cluster) in Internet explorer or Firefox, a certificate error is generated as it can't verify the website's certificate because it can't get on the internet.  This also occurs when browsing to Telepresence units, CTMS and CTM.

Is there a  way we can stop them generating these errors?  It makes administering our Unified Comms environment much slower.

1 REPLY
Super Bronze

Re: CUCM Certificate errors

Hi

It's nothing to do with being able to get on the Internet.

The certificate supplied to your browser when you connect to CCM is issued by CCM itself during the install; so it isn't trusted by the browsers.

If you want browsers to trust it:

1) You need to get a certificate issued to the server by a commercial CA (i.e. verisign or other), OR you need to establish an internal CA, distribute the trusted root certificate to all your client PCs, and then use the internal CA to generate a certificate for your CCM.

2) You need to be browsing to the server by name rather than IP, and this name must match the name in the certificate in order for it to be validated.

An internal CA is typically the cost-free option, and if you have MS AD you can create a CA which and automatically distribute the trusted root certificate through AD.

Regards

Aaron

Please rate helpful posts...

Aaron Please remember to rate helpful posts to identify useful responses, and mark 'Answered' if appropriate!
596
Views
0
Helpful
1
Replies