[cisco-voip] UCCX tomcat - move to CA signed certificate Gotya's?
Andrew Grech
agrech88 at gmail.com
Mon Sep 15 08:52:55 EDT 2014
Well seemed to work OK thanks for assistance Anthony and Matthew.
So this for 9.02 UCCX automatically chained the certificates, socialminer
10.5 required me to specify the root where in the Intermediate host and
issuing server came from.
I should have added an additional SAN for the IP of the server as Calabrio
wants to use the IP for JAVA...
Matthew I was talking about internal certificates but chained CA's. People
used to just sign with a root but now its common for Root > intermediate
and issuing server . See this post
https://supportforums.cisco.com/document/30501/cucm-uploading-ccmadmin-web-gui-certificates
the extra steps were not required.
Thanks Anthony for the link I did it out of hours as I saw CAD but didn't
see any affect... PS Anthony I'd love to hear how you went with Presence, I
still have a TAC case open for DRS which is preventing me from clustering
the server.
On Mon, Sep 15, 2014 at 9:58 PM, Matthew Loraditch <
MLoraditch at heliontechnologies.com> wrote:
> I had to upload my root, but it was internal, not sure about public CAs.
>
>
>
>
>
> Matthew G. Loraditch – CCNP-Voice, CCNA-R&S, CCDA
>
> 1965 Greenspring Drive
> Timonium, MD 21093
>
> direct voice. 443.541.1518
> fax. 410.252.9284
>
> Twitter <http://twitter.com/heliontech> | Facebook
> <http://www.facebook.com/#!/pages/Helion/252157915296> | Website
> <http://www.heliontechnologies.com/> | Email Support
> <support at heliontechnologies.com?subject=Technical%20Support%20Request>
>
> Support Phone. 410.252.8830
>
>
>
>
>
> *From:* Andrew Grech [mailto:agrech88 at gmail.com]
> *Sent:* Monday, September 15, 2014 7:54 AM
> *To:* Matthew Loraditch
> *Subject:* RE: [cisco-voip] UCCX tomcat - move to CA signed certificate
> Gotya's?
>
>
>
> Thanks im actually doing it now on uccx 9.02, it must automatically chain
> my CAs? In socialminer 10.5 you have to tell it the root it came from...
>
> On 15/09/2014 9:51 PM, "Matthew Loraditch" <
> MLoraditch at heliontechnologies.com> wrote:
>
> The only gotcha I can think of is, if you are on newer versions even
> though it’s one cert you have to restart Tomcat, CUIC and Finesse, if you
> are using it, as they all run as separate instances.
>
>
>
> HTH
>
>
>
>
>
> Matthew G. Loraditch – CCNP-Voice, CCNA-R&S, CCDA
>
> 1965 Greenspring Drive
> Timonium, MD 21093
>
> direct voice. 443.541.1518
> fax. 410.252.9284
>
> Twitter <http://twitter.com/heliontech> | Facebook
> <http://www.facebook.com/#!/pages/Helion/252157915296> | Website
> <http://www.heliontechnologies.com/> | Email Support
> <support at heliontechnologies.com?subject=Technical%20Support%20Request>
>
> Support Phone. 410.252.8830
>
>
>
>
>
> *From:* cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] *On Behalf
> Of *Anthony Holloway
> *Sent:* Sunday, September 14, 2014 10:12 PM
> *To:* Andrew Grech
> *Cc:* Cisco VoIP Group
> *Subject:* Re: [cisco-voip] UCCX tomcat - move to CA signed certificate
> Gotya's?
>
>
>
> Andrew,
>
>
>
> Check out the port utilization guide to figure out what tomcat is
> responsible for.
>
>
>
>
> http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cust_contact/contact_center/crs/express_9_02/configuration/guide/UCCX_BK_P89325D5_00_port-utilization-guide-uccx-902.pdf
>
> On Sunday, September 14, 2014, Andrew Grech <agrech88 at gmail.com> wrote:
>
> I'm going to signing my UCCX tomcat certificate with a internal trusted
> root authority this week and restarting the Tomcat service. Can anyone
> think of any issues this may cause for logged in agents or the contact
> center general?
>
>
>
> This is going to be done for the socialminer agent desktop page.
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20140915/6e46ad8d/attachment.html>
More information about the cisco-voip
mailing list