07-21-2014 07:21 AM - edited 03-16-2019 11:28 PM
A customer I support wants to use a new URL for its users to reach the ucmuser page. I want to make sure that I don't change the ITL file when making this change. My plan is to use the "set web-security" command to create a subject alternative name in the tomcat certificate. I will then generate a CSR which the customer will send to their CA for the new certificate. Once I receive the new certificate, I will of course upload it to CUCM with the root and any intermediate certificates. Per the document, https://supportforums.cisco.com/document/30501/cucm-uploading-ccmadmin-web-gui-certificates#Server_Admin_Uploads_Root_Certificates_as_tomcat-trust, when I upload the root certificate I will upload it as a tomcat-trust certificate. It is my understanding, based on another Cisco document, that I can upload a new tomcat certificate without affecting the ITL file. Does the uploading of the root certificate as an additional tomcat-trust cert change the ITL file?