[cisco-voip] GoDaddy UCC Cert?

Erich Novak Erich.Novak at nts.eu
Mon Feb 9 16:42:49 EST 2015


Oh - and btw watch out for CSCur67631 - totally unrelated to multi-server but could be a huge problem...

rgds
erich

Von: "Ryan Ratliff (rratliff)" <rratliff at cisco.com<mailto:rratliff at cisco.com>>
Datum: Montag, 09. Februar 2015 19:44
An: Kevin Przybylowski <kevinp at advancedtsg.com<mailto:kevinp at advancedtsg.com>>
Cc: cisco-voip voyp list <cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>>
Betreff: Re: [cisco-voip] GoDaddy UCC Cert?

If you are doing MRA watch out for CSCuo41160 and then CSCus73272 if you go to 10.5(2).

Other than those things have been good.

-Ryan

On Feb 9, 2015, at 1:36 PM, Kevin Przybylowski <kevinp at advancedtsg.com<mailto:kevinp at advancedtsg.com>> wrote:

What about Multi-Server tomcat in CUCM 10.5su1a?  Any experience with that scenario?

From: Ryan Ratliff (rratliff) [mailto:rratliff at cisco.com]
Sent: Monday, February 9, 2015 1:31 PM
To: Heim, Dennis
Cc: Matthew Loraditch; Kevin Przybylowski; cisco-voip voyp list
Subject: Re: [cisco-voip] GoDaddy UCC Cert?

I wouldn't recommend anyone using multi-server certs for CallManager.pem.  See CSCur79530 (broken ITL), CSCuq02712 (can't change security mode), and CSCur97909 (old certs in the db, related to CSCur79530).


-Ryan

On Feb 6, 2015, at 12:23 PM, Heim, Dennis <Dennis.Heim at wwt.com<mailto:Dennis.Heim at wwt.com>> wrote:

As of 10.5 SU1 we were still running into issues with the multi-server certificates not work. Supposedly it is fixed in SU2. However, we decided just to go with single server certs to resolve the issue. Anyone have it working on SU2 and not getting device resets?

Dennis Heim | Emerging Technology Architect (Collaboration)
World Wide Technology, Inc. | +1 314-212-1814
<image001.png><https://twitter.com/CollabSensei>
<image002.png><xmpp:dennis.heim at wwt.com><image003.png><tel:+13142121814><image004.png><sip:dennis.heim at wwt.com>
"Innovation happens on project squared" -- http://www.projectsquared.com<http://www.projectsquared.com/>


From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Matthew Loraditch
Sent: Friday, February 06, 2015 12:11 PM
To: Kevin Przybylowski; cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
Subject: Re: [cisco-voip] GoDaddy UCC Cert?

They have always done this. It's a bonus I suppose. Even when you buy a single hostname cert they add www to it. A little lagniappe I suppose but a bit of work in this case.

Matthew G. Loraditch - CCNP-Voice, CCNA-R&S, CCDA
Network Engineer
Direct Voice: 443.541.1518
Facebook<https://www.facebook.com/heliontech?ref=hl> | Twitter<https://twitter.com/HelionTech> | LinkedIn<https://www.linkedin.com/company/helion-technologies?trk=top_nav_home> | G+<https://plus.google.com/+Heliontechnologies/posts>

From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Kevin Przybylowski
Sent: Friday, February 06, 2015 11:55 AM
To: cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
Subject: [cisco-voip] GoDaddy UCC Cert?

I ran into an issue recently where I wasn't able to upload a godaddy UCC cert to CUCM (Multi-Server) until regenerating the CSR with "www.Common-Name<http://www.common-name/>" .

It appears godaddy adds www. as a SAN for all UCC certs now?  Has anyone else seen this?


_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20150209/cc61f329/attachment.html>


More information about the cisco-voip mailing list