[cisco-voip] self-signed certificate on CUCM v7
Lelio Fulgenzi
lelio at uoguelph.ca
Mon Mar 21 16:38:57 EDT 2011
Wow, that's great information. I've added the domain name as part of the install process, so multiple restarts are ok. The reason it's not there in the beginning is because I had to install first offline with no DNS access.
Regenerating seems the way to go, however, there are a few that do not have a regenerate key. I've got a TAC case opened to see how that will go.
Lelio
---
Lelio Fulgenzi, B.A.
Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1
(519) 824-4120 x56354 (519) 767-1060 FAX (JNHN)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Cooking with unix is easy. You just sed it and forget it.
- LFJ (with apologies to Mr. Popeil)
----- Original Message -----
From: "Jason Burns" <burns.jason at gmail.com>
To: "Lelio Fulgenzi" <lelio at uoguelph.ca>
Cc: cisco-voip at puck.nether.net
Sent: Monday, March 21, 2011 3:57:31 PM
Subject: Re: [cisco-voip] self-signed certificate on CUCM v7
If you configure a domain with "set network domain" you can regenerate your certificates and they'll have the FQDN.
If you don't want to change the domain (because a reboot is required, and it MUST be added on all servers in the cluster (forcing multiple reboots), you can use
set web security
to add a Subject Alternate Name and regenerate your certificates.
https://supportforums.cisco.com/docs/DOC-6119
-Burns
On Mon, Mar 21, 2011 at 10:15 AM, Lelio Fulgenzi < lelio at uoguelph.ca > wrote:
Looks like I solved this by simply regenerating the self-signed certificate. I didn't see a prompt for details so I wasn't sure it would use the FQDN, but it did.
---
Lelio Fulgenzi, B.A.
Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1
(519) 824-4120 x56354 (519) 767-1060 FAX (JNHN)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Cooking with unix is easy. You just sed it and forget it.
- LFJ (with apologies to Mr. Popeil)
From: "Lelio Fulgenzi" < lelio at uoguelph.ca >
To: cisco-voip at puck.nether.net
Sent: Monday, March 21, 2011 9:53:52 AM
Subject: [cisco-voip] self-signed certificate on CUCM v7
My CUCM v7 system has a self-signed certificate which only has the hostname, not a FQDN. While FF installs this certificate fine and doesn't prompt you with warnings, IE does not.
Is it possible to re-create the self-signed certificate so that it has the FQDN?
---
Lelio Fulgenzi, B.A.
Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1
(519) 824-4120 x56354 (519) 767-1060 FAX (JNHN)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Cooking with unix is easy. You just sed it and forget it.
- LFJ (with apologies to Mr. Popeil)
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20110321/33021389/attachment.html>
More information about the cisco-voip
mailing list