[cisco-voip] Certificates on CUCM and CUCM IM & P

Matt Slaga (AM) matt.slaga at dimensiondata.com
Fri Apr 11 16:47:11 EDT 2014 

As long as you assigned hostnames as the Subject Name on the certificates, all you would need to do is update DNS.  It is very rare to assign a certificate to an IP address.



From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Michel L. M. B. Perez
Sent: Friday, April 11, 2014 9:28 AM
To: Heim, Dennis
Cc: cisco-voip at puck.nether.net
Subject: Re: [cisco-voip] Certificates on CUCM and CUCM IM & P


Not yet, i have done some virtual machines to test it and will do the test with some devices.

Thanks.

--
Michel Perez
Skype: michelmbperez
michelmbperez at gmail.com<mailto:michelmbperez at gmail.com>
http://br.linkedin.com/in/michelmbperez

2014-04-11 2:06 GMT-03:00 Heim, Dennis <Dennis.Heim at wwt.com<mailto:Dennis.Heim at wwt.com>>:
Have you populated the IP Address as a subject alternative name?

Dennis Heim | Solution Architect (Collaboration)
World Wide Technology, Inc. | 314-212-1814<tel:314-212-1814>

PS Engineering:  Innovate & Ignite.


From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net<mailto:cisco-voip-bounces at puck.nether.net>] On Behalf Of Michel L. M. B. Perez
Sent: Thursday, April 10, 2014 8:13 PM
To: cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
Subject: [cisco-voip] Certificates on CUCM and CUCM IM & P

Guys,

I have a question, it is a simples question, but i was trying to find some documentation about that, and i cannot find some real explanation.

Well my customer has 5 Collab Servers (3 CUCM and 2 CUCM IM & P), all of them virtualized above VmWare and UCS Machine, 2.5K IP Phones.

My question is, i have a SIP Trunk from CUCM and CUCM IM & IP and i am using the certificates from CUCM and CUCM IM & P to make this a Secure SIP Trunk, not non Secure.

My CUCM and CUCM IM & P are using authentication with Microsoft Domain Controlles TLS on TCP/636 port using AD certificate imported on both clusters.

I have a key token this token is installed under both servers, making SIP and SCCP Secured. So everything here at my customer is not non-Secure.

My final question is now this machines need be moved from one vlan to another, and these IP adressess need to be changed.

I think that probably i will have lots of problems with that, so am i right, that i will need to generate again certificates and make all the authentication between this systems work properly after this modification?

Thanks a lot.
--
Michel Perez
Skype: michelmbperez
michelmbperez at gmail.com<mailto:michelmbperez at gmail.com>
http://br.linkedin.com/in/michelmbperez



itevomcid
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20140411/ecbdb144/attachment.html>

More information about the cisco-voip mailing list