I have a CUPS 7.0 server installed and wish to configure calendar integration. I've installed an existing self-signed certificate from the OWA and configured the Exch service user, etc. However, I just don't see the CUPC status change when a user is in a meeting or not when I create or delete meetings from their Outlook Calendar.
In the Presence Engine logs I see the following errors:
01/11/2010 13:12:33.511 EPE|system.pe.pa.owa.backend 2065342 ERROR -->CalendarSubscription::initiateRecovery: firstname.lastname@example.org SUBSCRIBE 1 TLS error - check certificate; Server certificate verification failed: issuer is not trusted
When I've checked the certificate again I can see it does not have the CA bit set (so the Subject Type=End Entity, and not CA).
As I understand from the available documentation that CUPS will not trust this certificate without this bit being set. This means that I need to ask the Exchange engineer to use makecert.exe to create another self-signed certificate - which will be exactly the same as the previous one, with the exception of the CA bit being set. The Exchange engineer has asked me about if he runs the makecert on the OWA - will it mean he needs to change the certificates on all the devices that are currently using OWA? I'm confused by this as well, from my understanding he will have to do this as you can only have one certificate active at one time... Or can I just create the certificate and then use it on CUPS only without interfering with anything else...
Does anyone with knowledge of makecert or having followed a similar path have any comments or help?
Generally speaking, you can have only one cert for Exchange.
On the other hand, when we talking about "certificate", we are actually talking about the certificate for OWA (Outlook Web Access), which is basically a web server. For Exchange, the OWA (web server) was hosted by IIS (Internet Information Server). You may create multiple "virtual servers" (instances) on IIS to serve the same Exchange. If you do that, you could have multiple certificates assigned to multiple instances.
Makecert.exe doesn't have to be run on the server. All it does just create a certificate file based on the command line paramenters. The benifits of running it on the server is you can have it put the certificate into the cert store for you (otherwise, you'll have to install the cert yourself).
SIP traces provide key information in troubleshooting SIP Trunks, SIP
endpoints and other SIP related issues. Even though these traces are in
clear text, these texts can be gibberish unless you understand fully
what they mean. This document attempts to br...
Please find the attached HTML document, download and open it on your PC.
This provides an easy to use form where you simply answer a few
questions and it will render the proper jabber-config.xml file for you
to copy/paste. There is built in logic to verif...
CUCM Database Replication is an area in which Cisco customers and
partners have asked for more in-depth training in being able to properly
assess a replication problem and potentially resolve an issue without
involving TAC. This document discusses the bas...