[cisco-voip] Callmanager TomCat

[Josh Warcop]

3rd party CA signed is important for an actual BYOD strategy so you're not doing certificate deployment to non-corporate devices. Granted it costs a bit more but the I rather pay that vs. Managing an internal CA properly.

Sent from my Windows Phone
________________________________
From: Chris Ward (chrward)<mailto:chrward at cisco.com>
Sent: ‎10/‎29/‎2014 2:43 PM
To: Jason Aarons (AM)<mailto:jason.aarons at dimensiondata.com>; cisco-voip (cisco-voip at puck.nether.net)<mailto:cisco-voip at puck.nether.net>
Subject: Re: [cisco-voip] Callmanager TomCat

IP/Hostname isn't the issue. It's the self-signed certificate that CUCM/IMP is using.

The fix is either to get a cert signed by a publicly trusted cert authority like GoDaddy or Verisign OR you need a CA on the local network (AD) that the Windows system trusts (has the root cert loaded) and use that to generate a new cert for CUCM.

The latter is free except for time and allows a little more flexibility.

+Chris
TME - MediaSense and Unity Connection

From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Jason Aarons (AM)
Sent: Wednesday, October 29, 2014 1:47 PM
To: cisco-voip (cisco-voip at puck.nether.net)
Subject: [cisco-voip] Callmanager TomCat

Customer is asking if they can leave CallManager > CCMAdmin > Server >  IP address and change the Tomcat Certificate to IP Address for Jabber for Windows client to be happy and not prompt an error first time opening?  Can you even do that in CUCM? So keep the ip address as the Subject Alternate Name?



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20141029/f62dcef4/attachment.html>
-------------- next part --------------
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip