[cisco-voip] 10.5.1 UCCX Certificate for Finesse

Anthony Holloway avholloway+cisco-voip at gmail.com
Thu Feb 5 14:34:46 EST 2015


If your Agents are using IE then that's all you need, otherwise, FireFox
has it's own list of Trusted Root CA's and you'll need to supply the
Trusted Root CA cert to each individual FF browser.

On Thu Feb 05 2015 at 12:41:14 PM Brian Meade <bmeade90 at vt.edu> wrote:

> You can run the CA on your domain controller which all domain users will
> trust certificates from automatically.
>
> On Thu, Feb 5, 2015 at 12:52 PM, Jose Colon II <jcolon424 at gmail.com>
> wrote:
>
>> Thanks Brian, How would I go about issuing a internal CA that does not
>> require the Finesse user to accept multiple certificates. My users are not
>> that tech savvy and there are over 300 of them that will need to come
>> monday morning.
>>
>> On Thu, Feb 5, 2015 at 11:38 AM, Kevin Przybylowski <
>> kevinp at advancedtsg.com> wrote:
>>
>>> Another nice CSR decoder: https://www.networking4all.
>>> com/en/support/tools/csr+check/
>>>
>>>
>>> -----Original Message-----
>>> From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] On Behalf
>>> Of Jason Aarons (AM)
>>> Sent: Thursday, February 5, 2015 12:08 PM
>>> To: Gary Parker; jcolon424 at gmail.com
>>> Cc: Cisco VOIP
>>> Subject: Re: [cisco-voip] 10.5.1 UCCX Certificate for Finesse
>>>
>>> I've run into this before TX vs Texas
>>>
>>> Use this to view your CSR and then fix via the set web-security commands
>>> etc
>>>
>>> http://certlogik.com/decoder/
>>>
>>>
>>>
>>>
>>> -----Original Message-----
>>> From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] On Behalf
>>> Of Gary Parker
>>> Sent: Thursday, February 5, 2015 11:55 AM
>>> To: jcolon424 at gmail.com
>>> Cc: Cisco VOIP
>>> Subject: Re: [cisco-voip] 10.5.1 UCCX Certificate for Finesse
>>>
>>>
>>> > On 5 Feb 2015, at 16:37, Jose Colon II <jcolon424 at gmail.com> wrote:
>>> >
>>> > I am trying to generate certificate request from 10.5.1 UCCX box and
>>> the cert it generates is not working with verasign. It tells me "The State
>>> Name in the CSR cannot be abbreviated"
>>> >
>>> > Anyone have any suggestions?
>>>
>>> Hi Jose, have a look at your CSR using:
>>>
>>> openssl req -text -noout -verify -in CSR.csr
>>>
>>> where CSR.csr is your csr file.
>>>
>>> Mine, for example, reads:
>>>
>>>         Subject: C=GB, ST=Leicestershire, L=Loughborough, O=Loughborough
>>> University, OU=ITS, CN=tainter.lboro.ac.uk/serialNumber=
>>> xxxxxxxxxxxxxxxxxxxxxxxxx
>>>
>>> On the “Subject:” line is the entry for ST= an abbreviated version of
>>> your State name? If so I’d imagine you’ll have to login on the command line
>>> for the server and use “set web-security” to change the State to a proper
>>> value.
>>>
>>> If I had ST=Leics it would also likely fail.
>>>
>>> Be aware that this *may* make you have to relicense the server (I’m not
>>> sure if changing state is enough to trigger this).
>>>
>>>
>>> ---
>>> /-Gary Parker----------------------------------f--\
>>> |     Unified Communications Service Manager      |
>>> n       Loughborough University IT Services       |
>>> |     Tel: +441509635635  Mob: +447989172258      o
>>> |     http://delphium.lboro.ac.uk/pubkey.txt      |
>>> \r----------------------------------------------d-/
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> cisco-voip mailing list
>>> cisco-voip at puck.nether.net
>>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>>
>>
>>
>> _______________________________________________
>> cisco-voip mailing list
>> cisco-voip at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>
>>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20150205/b9ab3f9b/attachment.html>


More information about the cisco-voip mailing list