[cisco-voip] Recommendation For Certificate Provider For Jabber/Presence Use

NateCCIE nateccie at gmail.com
Thu Feb 5 12:38:07 EST 2015


You can't do cluster wide-certs until 10.X.

But the way digicert works, it issues the cert over and over with each CSR.  I am confident it will work great for your 8.6 environment too.

-----Original Message-----
From: Gary Parker [mailto:G.J.Parker at lboro.ac.uk] 
Sent: Thursday, February 05, 2015 10:25 AM
To: NateCCIE
Cc: Cisco VoIP Group
Subject: Re: [cisco-voip] Recommendation For Certificate Provider For Jabber/Presence Use


> On 5 Feb 2015, at 16:51, NateCCIE <nateccie at gmail.com> wrote:
> 
> Use DIGICERT!  You can get a wildcard cert from them, and use it over and over.  So you just generate the cert based on the CSR from each app and it loads right in.
> 
> Works great on CUCM, CUC, CUP, & Expressway!

Thanks Nate, good to know that Digicert can issue certs with the right extensions, but I’m running 8.6.x and I don’t believe I can do wildcard certs on anything less than 10.5.x

As each server has it’s own private key they key either needs to be duplicated across all servers (I don’t believe you can do this on 8.6.x) or else the OS needs to support the feature natively (as it does in 10.5+)

---
/-Gary Parker----------------------------------f--\
|     Unified Communications Service Manager      |
n       Loughborough University IT Services       |
|     Tel: +441509635635  Mob: +447989172258      o
|     http://delphium.lboro.ac.uk/pubkey.txt      |
\r----------------------------------------------d-/





More information about the cisco-voip mailing list