Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

CUP federation and trusted Certificate CN

I am in the process of setting up CUP federation over XMPP and as I would like to enable security it looks like I should get an SSL certificate from a public CA.  The problem is I don't know what name I should get as the CN.  Cisco's docs are a little vaugue on the topic:

They state "For XMPP Federation, the Subject Common Name (CN) for the certificate must contain the domain of

the Cisco Unified Presence server."

In my situation our internal AD/dns domain is like, my servers (HA pair) are named and

What does my CN on the certificate need to be and do I need more than one certificate since I will use both CUP servers to federate via the DNS SRV records?

I expect that I need the entry "Enable use of Email Address when Federating" found under Presence -> Settings.

I also took note of "You can configure a wildcard domain here, for example, ‘*’ if you deploy the Chat feature

on Cisco Unified Presence, and the chat component is a subdomain of the parent domain."  However for cost purposes I would preffer not to have to get a wildcard certificate as they get a little pricey, but if that is what I need for my environment; it is what it is.

I am running CUP 8.6.4.

Everyone's tags (3)
CreatePlease to create content