[cisco-voip] 10.5.1 UCCX Certificate for Finesse

Brian Meade bmeade90 at vt.edu
Thu Feb 5 13:29:14 EST 2015


You can run the CA on your domain controller which all domain users will
trust certificates from automatically.

On Thu, Feb 5, 2015 at 12:52 PM, Jose Colon II <jcolon424 at gmail.com> wrote:

> Thanks Brian, How would I go about issuing a internal CA that does not
> require the Finesse user to accept multiple certificates. My users are not
> that tech savvy and there are over 300 of them that will need to come
> monday morning.
>
> On Thu, Feb 5, 2015 at 11:38 AM, Kevin Przybylowski <
> kevinp at advancedtsg.com> wrote:
>
>> Another nice CSR decoder:
>> https://www.networking4all.com/en/support/tools/csr+check/
>>
>>
>> -----Original Message-----
>> From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] On Behalf
>> Of Jason Aarons (AM)
>> Sent: Thursday, February 5, 2015 12:08 PM
>> To: Gary Parker; jcolon424 at gmail.com
>> Cc: Cisco VOIP
>> Subject: Re: [cisco-voip] 10.5.1 UCCX Certificate for Finesse
>>
>> I've run into this before TX vs Texas
>>
>> Use this to view your CSR and then fix via the set web-security commands
>> etc
>>
>> http://certlogik.com/decoder/
>>
>>
>>
>>
>> -----Original Message-----
>> From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] On Behalf
>> Of Gary Parker
>> Sent: Thursday, February 5, 2015 11:55 AM
>> To: jcolon424 at gmail.com
>> Cc: Cisco VOIP
>> Subject: Re: [cisco-voip] 10.5.1 UCCX Certificate for Finesse
>>
>>
>> > On 5 Feb 2015, at 16:37, Jose Colon II <jcolon424 at gmail.com> wrote:
>> >
>> > I am trying to generate certificate request from 10.5.1 UCCX box and
>> the cert it generates is not working with verasign. It tells me "The State
>> Name in the CSR cannot be abbreviated"
>> >
>> > Anyone have any suggestions?
>>
>> Hi Jose, have a look at your CSR using:
>>
>> openssl req -text -noout -verify -in CSR.csr
>>
>> where CSR.csr is your csr file.
>>
>> Mine, for example, reads:
>>
>>         Subject: C=GB, ST=Leicestershire, L=Loughborough, O=Loughborough
>> University, OU=ITS, CN=
>> tainter.lboro.ac.uk/serialNumber=xxxxxxxxxxxxxxxxxxxxxxxxx
>>
>> On the “Subject:” line is the entry for ST= an abbreviated version of
>> your State name? If so I’d imagine you’ll have to login on the command line
>> for the server and use “set web-security” to change the State to a proper
>> value.
>>
>> If I had ST=Leics it would also likely fail.
>>
>> Be aware that this *may* make you have to relicense the server (I’m not
>> sure if changing state is enough to trigger this).
>>
>>
>> ---
>> /-Gary Parker----------------------------------f--\
>> |     Unified Communications Service Manager      |
>> n       Loughborough University IT Services       |
>> |     Tel: +441509635635  Mob: +447989172258      o
>> |     http://delphium.lboro.ac.uk/pubkey.txt      |
>> \r----------------------------------------------d-/
>>
>>
>>
>>
>> _______________________________________________
>> cisco-voip mailing list
>> cisco-voip at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>
>
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20150205/7120a821/attachment.html>


More information about the cisco-voip mailing list