[cisco-voip] Self-Signed Certificates on CallManager

ROZA, Ariel Ariel.ROZA at LA.LOGICALIS.COM
Tue Nov 24 15:22:47 EST 2009


Bill,

  Although not issued by a Public CA; you can make your browser accept the certificates of you CCM as valid, and not display a warning.
  Most modern browser have an option to manually import the certificate in your computer´s local certificate store. You usually see this option when handling an invalid certificate.

  For example, in Internet Explorer 8, you can see the button "Certificate invalid" besides the address bar after you click in the option ¨Continue to this website". If you click this button, you will se a dialog that shows you the certificate in question and allows you to import it.

Keep in mind that for the certificate to be recognized as valid, you would have to access the CCM server via its hostname and not it´s IP Adress.

 ARIEL ROZA
Service Delivery Engineer
 LOGICALIS
Peru 327 1° Piso - C.A.B.A. - Argentina - C1063ACH
Tel/Fax: +54 (11) 4344-0300
ariel.roza at la.logicalis.com
www.la.logicalis.com
www.logicalisnow.com
 Por favor, piense en el medioambiente antes de imprimir este email. 
La presente información se envía únicamente para el destinatario, y contiene información de carácter CONFIDENCIAL o PRIVLEGIADA.
La modificación, retransmisión, difusón, copia u otro uso de esta información por cualquier medio, por personas distintas al destinatario, están estrictamente prohibidas.





From: Carter, Bill
Sent: Sat 21/11/2009 19:52
To: cisco-voip at puck.nether.net
Subject: [cisco-voip] Self-Signed Certificates on CallManager


I don't know much about certificates and CA....I understand web sites etc. that use SSL have registered their certificates with a CA. When we install CallManager it uses SSL with self-signed certificates. When web'ng into UCM the browsers display the a certificate error. I believe this is because the certificate is not registered with a recognized CA.
 
I understand, if an organization already has a business relationship with a CA, a "valid" certificate can be loaded on UCM. Is it possible for Cisco to provide certificates on UCM that are registered with a CA so we don't get the browser errors? Or is it a requirement that the end user obtain valid certificates for their own servers? Like I said, I don't know the mechanics of how certificates work.
 
Thanks,
Bill
 
 
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20091124/2cb9f2a6/attachment.html>


More information about the cisco-voip mailing list