[cisco-voip] Recommendation For Certificate Provider For Jabber/Presence Use

Kevin Przybylowski kevinp at advancedtsg.com
Thu Feb 5 12:47:05 EST 2015 

Do you need to buy their wildcard cert for this or would the UC work?  I would try this internally as our godaddy's are expiring soon.  

-----Original Message-----
From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of NateCCIE
Sent: Thursday, February 5, 2015 12:38 PM
To: 'Gary Parker'
Cc: 'Cisco VoIP Group'
Subject: Re: [cisco-voip] Recommendation For Certificate Provider For Jabber/Presence Use

You can't do cluster wide-certs until 10.X.

But the way digicert works, it issues the cert over and over with each CSR.  I am confident it will work great for your 8.6 environment too.

-----Original Message-----
From: Gary Parker [mailto:G.J.Parker at lboro.ac.uk] 
Sent: Thursday, February 05, 2015 10:25 AM
To: NateCCIE
Cc: Cisco VoIP Group
Subject: Re: [cisco-voip] Recommendation For Certificate Provider For Jabber/Presence Use


> On 5 Feb 2015, at 16:51, NateCCIE <nateccie at gmail.com> wrote:
> 
> Use DIGICERT!  You can get a wildcard cert from them, and use it over and over.  So you just generate the cert based on the CSR from each app and it loads right in.
> 
> Works great on CUCM, CUC, CUP, & Expressway!

Thanks Nate, good to know that Digicert can issue certs with the right extensions, but I’m running 8.6.x and I don’t believe I can do wildcard certs on anything less than 10.5.x

As each server has it’s own private key they key either needs to be duplicated across all servers (I don’t believe you can do this on 8.6.x) or else the OS needs to support the feature natively (as it does in 10.5+)

---
/-Gary Parker----------------------------------f--\
|     Unified Communications Service Manager      |
n       Loughborough University IT Services       |
|     Tel: +441509635635  Mob: +447989172258      o
|     http://delphium.lboro.ac.uk/pubkey.txt      |
\r----------------------------------------------d-/



_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

More information about the cisco-voip mailing list