[cisco-voip] CUCM Certificate question

Jason Aarons (AM) jason.aarons at dimensiondata.com
Wed Dec 5 13:21:13 EST 2012


He's referring to wanting alternate names which can only be done via CLI. But I don't have the syntax.

From: cisco-voip-bounces at puck.nether.net [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Nate VanMaren
Sent: Wednesday, December 05, 2012 1:11 PM
To: Erick Wellnitz; cisco-voip
Subject: Re: [cisco-voip] CUCM Certificate question



Generate CSR from OS Administration



[cid:image001.png at 01CDD2EB.66527580]



Download the CSR

[cid:image002.png at 01CDD2EB.66527580]



Login to your CA



[cid:image003.png at 01CDD2EB.66527580]



Then:

[cid:image004.png at 01CDD2EB.66527580]

Paste the contents of the CSR in the request area.

Select Web Server

Put in the additional Attributes for the SAN, IP, short and long hostname, and cluster name for load balanace

san:dns=5.5.5.5&dns=asiavp1&dns=asiavp1.ldschurch.org&dns=asiavp&dns=asiavp.ldschurch.org



[cid:image005.png at 01CDD2EB.66527580]



Download the Cert Chain.

[cid:image006.png at 01CDD2EB.66527580]



Upload to CM

[cid:image007.png at 01CDD2EB.66527580]


From: cisco-voip-bounces at puck.nether.net [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Erick Wellnitz
Sent: Wednesday, December 05, 2012 9:24 AM
To: cisco-voip
Subject: [cisco-voip] CUCM Certificate question

CUCM 8.6.2
MS internal certificate services

What I need to do is generate a certificate with three subject alternative names.  So far, I haven't been able to get my generated cert to work.  The self signed cert is still being used.  Anyone ever made this kind of thing work?  I have had it working by using the csr but that doesn't allow me to add the needed SANs.

Any ideas would be much appreciated!


NOTICE: This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message.



itevomcid
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20121205/0d083e55/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 19107 bytes
Desc: image001.png
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20121205/0d083e55/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 18990 bytes
Desc: image002.png
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20121205/0d083e55/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 1033 bytes
Desc: image003.png
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20121205/0d083e55/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 3102 bytes
Desc: image004.png
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20121205/0d083e55/attachment-0003.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.png
Type: image/png
Size: 28800 bytes
Desc: image005.png
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20121205/0d083e55/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image006.png
Type: image/png
Size: 3647 bytes
Desc: image006.png
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20121205/0d083e55/attachment-0005.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image007.png
Type: image/png
Size: 23354 bytes
Desc: image007.png
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20121205/0d083e55/attachment-0006.png>


More information about the cisco-voip mailing list